{"report_id":"37fc380c-350d-4b8e-88d7-0f07af52cd46","version":6,"status":"done","tags":[],"date":"2025-09-15T02:31:03Z","url":{"schema":"http","addr":"ziggo-gratis.com/roja12-9/s18.php","fqdn":"ziggo-gratis.com","domain":"ziggo-gratis.com","tld":"com"},"ip":{"addr":"104.21.64.1","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"ziggo-gratis.com/roja12-9/s18.php","fqdn":"ziggo-gratis.com","domain":"ziggo-gratis.com","tld":"com"},"title":"(1) New Message!"},"submit":{"url":{"schema":"http","addr":"ziggo-gratis.com/roja12-9/s18.php","fqdn":"ziggo-gratis.com","domain":"ziggo-gratis.com","tld":"com"},"ip":{"addr":"104.21.64.1","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-20T02:31:03Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":9}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-15","alert":"Sinkholed","trigger":"zhkj61k3oc.amazonaws.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-15","alert":"Sinkholed","trigger":"qtnhu20mg2.amazonaws.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-15","alert":"Sinkholed","trigger":"aie2jr5kc3.amazonaws.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-15","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"pl27200752.revenuecpmgate.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"madurird.com","ip":{"addr":"172.64.146.197","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-10-06","domain_rank":7966,"first_seen":"2023-10-07T10:39:52Z","last_seen":"2025-09-14T12:21:08.691485Z","alert_count":0,"request_count":7,"received_data":347021,"sent_data":4857,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"sootoarathus.net","ip":{"addr":"104.21.93.150","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-03-05","domain_rank":98868,"first_seen":"2025-03-20T00:46:42.596565Z","last_seen":"2025-09-14T22:05:13.562209Z","alert_count":0,"request_count":2,"received_data":154856,"sent_data":828,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"preferencenail.com","ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":20606,"first_seen":"2025-07-08T12:55:47.271261Z","last_seen":"2025-09-09T22:05:04.72512Z","alert_count":0,"request_count":2,"received_data":171926,"sent_data":828,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"pl27200752.revenuecpmgate.com","ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2025-08-29","domain_rank":0,"first_seen":"2025-09-07T21:21:14.384268Z","last_seen":"2025-09-14T22:05:13.591844Z","alert_count":1,"request_count":1,"received_data":110999,"sent_data":463,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"aqle3.com","ip":{"addr":"139.45.197.247","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2021-03-21","domain_rank":160528,"first_seen":"2025-05-21T21:24:11.832374Z","last_seen":"2025-09-13T12:22:59.361408Z","alert_count":0,"request_count":2,"received_data":14388,"sent_data":820,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"weirdopt.com","ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":37519,"first_seen":"2025-07-08T12:55:47.272157Z","last_seen":"2025-09-10T05:27:22.464069Z","alert_count":1,"request_count":1,"received_data":377,"sent_data":419,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-09-10T15:14:38.264059Z","alert_count":0,"request_count":1,"received_data":17441,"sent_data":430,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":4915,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2025-09-10T16:13:36.348351Z","alert_count":0,"request_count":1,"received_data":90137,"sent_data":421,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}]},{"fqdn":"adexchangeclear.com","ip":{"addr":"172.67.223.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2015-04-27","domain_rank":24943,"first_seen":"2025-07-16T08:40:02.47428Z","last_seen":"2025-09-10T17:47:39.250624Z","alert_count":0,"request_count":1,"received_data":1610,"sent_data":793,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]},{"fqdn":"usrpubtrk.com","ip":{"addr":"104.21.92.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-06-16","domain_rank":6824,"first_seen":"2025-06-17T13:34:00.105327Z","last_seen":"2025-09-10T03:52:45.79566Z","alert_count":0,"request_count":1,"received_data":534,"sent_data":491,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"waust.at","ip":{"addr":"104.26.4.7","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":36042,"first_seen":"2016-01-28T18:24:33Z","last_seen":"2025-09-13T20:03:08.692958Z","alert_count":0,"request_count":1,"received_data":12842,"sent_data":399,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"acscdn.com","ip":{"addr":"104.18.17.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2020-05-05","domain_rank":18769,"first_seen":"2020-05-06T08:07:13Z","last_seen":"2025-09-13T05:44:04.933285Z","alert_count":0,"request_count":2,"received_data":245404,"sent_data":829,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]},{"fqdn":"my.rtmark.net","ip":{"addr":"104.18.41.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-10-29","domain_rank":43911,"first_seen":"2015-02-04T09:54:57Z","last_seen":"2025-09-11T19:57:59.668583Z","alert_count":0,"request_count":3,"received_data":2564,"sent_data":1441,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2025-09-10T15:27:48.133327Z","alert_count":0,"request_count":2,"received_data":545005,"sent_data":891,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"flushpersist.com","ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"2025-07-01","domain_rank":23810,"first_seen":"2025-07-08T10:43:12.76905Z","last_seen":"2025-09-09T22:05:04.732379Z","alert_count":0,"request_count":2,"received_data":992,"sent_data":1534,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.highperformanceformat.com","ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-10-15","domain_rank":366864,"first_seen":"2024-10-23T18:32:34.138968Z","last_seen":"2025-09-12T19:40:03.813366Z","alert_count":2,"request_count":2,"received_data":76955,"sent_data":922,"comment":"","tags":null,"fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"ia.hackingskye.com","ip":{"addr":"23.109.170.127","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-06-20","domain_rank":0,"first_seen":"2025-06-29T12:59:35.547146Z","last_seen":"2025-09-09T23:36:31.419918Z","alert_count":0,"request_count":1,"received_data":1393,"sent_data":426,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"jxoxkplay.xyz","ip":{"addr":"104.21.6.120","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-06-13","domain_rank":3757661,"first_seen":"2025-08-01T19:58:39.592871Z","last_seen":"2025-09-13T16:12:21.334725Z","alert_count":0,"request_count":3,"received_data":129156,"sent_data":1459,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"aie2jr5kc3.amazonaws.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2005-08-18","domain_rank":0,"first_seen":"2025-09-15T02:31:05.099359Z","last_seen":"2025-09-15T02:31:05.099359Z","alert_count":2,"request_count":2,"received_data":0,"sent_data":932,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ziggo-gratis.com","ip":{"addr":"104.21.64.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-07-18","domain_rank":3260928,"first_seen":"2025-07-30T23:32:50.755746Z","last_seen":"2025-09-13T16:52:26.495948Z","alert_count":0,"request_count":3,"received_data":5783,"sent_data":1506,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"ziggogratis.shop","ip":{"addr":"104.21.80.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-07-26","domain_rank":6977983,"first_seen":"2025-08-10T09:07:01.594087Z","last_seen":"2025-09-13T22:45:18.966114Z","alert_count":0,"request_count":1,"received_data":1834,"sent_data":538,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"zhkj61k3oc.amazonaws.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2005-08-18","domain_rank":0,"first_seen":"2025-09-15T02:31:05.08878Z","last_seen":"2025-09-15T02:31:05.08878Z","alert_count":1,"request_count":1,"received_data":0,"sent_data":466,"comment":"","tags":null,"fingerprints":null},{"fqdn":"professionaltrafficmonitor.com","ip":{"addr":"18.197.252.180","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2025-01-23","domain_rank":16376,"first_seen":"2025-01-25T08:56:07.448138Z","last_seen":"2025-09-12T14:56:43.679471Z","alert_count":0,"request_count":3,"received_data":1275,"sent_data":1365,"comment":"","tags":null,"fingerprints":null},{"fqdn":"qtnhu20mg2.amazonaws.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2005-08-18","domain_rank":0,"first_seen":"2025-09-15T02:31:05.106497Z","last_seen":"2025-09-15T02:31:05.106497Z","alert_count":1,"request_count":1,"received_data":0,"sent_data":467,"comment":"","tags":null,"fingerprints":null},{"fqdn":"amt3.com","ip":{"addr":"139.45.195.9","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2004-03-18","domain_rank":8122,"first_seen":"2025-04-23T17:00:21.322227Z","last_seen":"2025-09-09T12:45:24.72006Z","alert_count":0,"request_count":2,"received_data":1662,"sent_data":1192,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"creative-sb1.com","ip":{"addr":"104.21.112.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-07-01","domain_rank":22211,"first_seen":"2025-08-08T09:32:32.509707Z","last_seen":"2025-09-12T12:20:34.839934Z","alert_count":0,"request_count":5,"received_data":174691,"sent_data":2318,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"skinnycrawlinglax.com","ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"2024-09-01","domain_rank":38609,"first_seen":"2025-07-09T22:28:05.771371Z","last_seen":"2025-09-11T01:12:37.180085Z","alert_count":6,"request_count":6,"received_data":208167,"sent_data":6823,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn.show-sb.com","ip":{"addr":"172.67.170.115","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-08-20","domain_rank":187612,"first_seen":"2024-08-31T03:46:04Z","last_seen":"2025-09-13T13:45:06.417621Z","alert_count":0,"request_count":1,"received_data":2521,"sent_data":498,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-09-10T15:11:19.040403Z","alert_count":0,"request_count":2,"received_data":81926,"sent_data":1102,"comment":"","tags":null,"fingerprints":null},{"fqdn":"t.dtscout.com","ip":{"addr":"104.26.11.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2013-11-01","domain_rank":54823,"first_seen":"2017-01-30T04:52:42Z","last_seen":"2025-09-13T11:34:51.044522Z","alert_count":0,"request_count":1,"received_data":2806,"sent_data":511,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"upload.wikimedia.org","ip":{"addr":"185.15.59.240","port":443,"asn":14907,"as":"WIKIMEDIA","country":"United States","country_code":"US"},"domain_registered":"2003-03-16","domain_rank":4329,"first_seen":"2012-05-21T09:39:45Z","last_seen":"2025-09-11T15:56:30.249699Z","alert_count":0,"request_count":1,"received_data":1787,"sent_data":467,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache Traffic Server:9.2.11","description":"Apache Traffic Server is an open-source caching and proxying server that serves as an HTTP/1.1 and HTTP/2 reverse proxy with caching capabilities, load balancing, request routing, SSL termination, and support for advanced HTTP features.","website":"https://trafficserver.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*","icon":"Apache Traffic Server.svg","categories":["Web servers"]}]},{"fqdn":"cdn.storageimagedisplay.com","ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2024-09-13","domain_rank":170153,"first_seen":"2024-09-13T12:56:32Z","last_seen":"2025-09-12T07:36:01.738236Z","alert_count":0,"request_count":4,"received_data":208581,"sent_data":1888,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"rashcolonizeexpand.com","ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-01","domain_rank":31106,"first_seen":"2025-06-27T17:12:36.133274Z","last_seen":"2025-09-14T04:26:49.673169Z","alert_count":8,"request_count":8,"received_data":12339,"sent_data":7535,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"bvtpk.com","ip":{"addr":"172.67.154.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-03-16","domain_rank":37068,"first_seen":"2025-05-21T11:34:02.786268Z","last_seen":"2025-09-09T12:45:24.902846Z","alert_count":0,"request_count":2,"received_data":221998,"sent_data":818,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"bb2r.com","ip":{"addr":"104.18.41.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2020-03-18","domain_rank":24075,"first_seen":"2025-03-14T09:34:47.773587Z","last_seen":"2025-09-13T12:23:00.081396Z","alert_count":0,"request_count":6,"received_data":236147,"sent_data":4426,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"torchfriendlypay.com","ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"2024-09-01","domain_rank":191479,"first_seen":"2025-07-30T13:31:49.539518Z","last_seen":"2025-09-10T16:56:51.518632Z","alert_count":9,"request_count":9,"received_data":22847,"sent_data":8252,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"ziggo-gratis.com/roja12-9/s18.php","fqdn":"ziggo-gratis.com","domain":"ziggo-gratis.com","tld":"com"},"ip":{"addr":"104.21.64.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"97d90403017316b65558615b68458690","sha1":"08c2f0a4598b63245e7c7636efd5709cdd58ab35","sha256":"0a9263cf802243c10ad4ba654d3c1fccb07585233ce994a7851f8ab15d9cd6ad","sha512":"75dec5f882b99a9b6f62803a52246962e41793a0ba21923ae49fef20fa5f22283765d6b820fe7b7ab0514ebc629fd34468bbea10c6a460fc1ba781c96ebe1d3c","ssdeep":"","tlshash":"a3c02bddf104f3548063cc300c7cd180e31d8c10355d00533cd81c298260850c6c23ad","size":139,"data":"","first_seen":"2025-08-23T14:45:24.764837Z","last_seen":"2025-10-14T10:38:27.788433Z","times_seen":38,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jxoxkplay.xyz/premiumtv/bizz-streams2u.php?id=18","fqdn":"jxoxkplay.xyz","domain":"jxoxkplay.xyz","tld":"xyz"},"ip":{"addr":"104.21.6.120","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"78a6702d966a64ed29eca96bfefed3de","sha1":"cc38ab49fb9cf0b5dfe3639378bd12af22ef1c0c","sha256":"00f32959faf141840611a9e3f434a6924cbcd843de990bb5df8ad037b9f8d095","sha512":"2b6c83fa444ad44b55fcced6f581d11b7a8e1e4339769b78b124e257de6526d0e1f7f2a974311d2a5e92633a22ff4846ee52276703d73de4dca305a5eba4be29","ssdeep":"","tlshash":"8d9002e65045d01019e61142772273497932159931451002821a4115301192fcb51594","size":52,"data":"","first_seen":"2024-07-11T01:38:35Z","last_seen":"2026-04-05T23:24:34.865121Z","times_seen":865,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.6.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"87c725e214683adf9b74663ff14946ab","sha1":"ccbe1b6c564d65ad51f1488627d8ea8d1e97e131","sha256":"93e773869f7f7e03ab47466b60c2b9113b1da6b969d5963c03678e5a4c0e0807","sha512":"1e58750aa931cbda42301559e3502f01877a49aa3dd6384fc9146e4ea9e24bc11fa94db7a17ddb522aa2b4ccdf51c65f21329abb1c5cd8edc69bc22fb90f980c","ssdeep":"","tlshash":"fe1121ad306572be1ba315e4a137974bf271117c605c04324b5dc8f5ac75caf8623ac8","size":1000,"data":"","first_seen":"2023-05-26T08:35:46Z","last_seen":"2026-04-11T06:55:21.869124Z","times_seen":5323,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"305b73d687899744dd8d87e296934d16","sha1":"360dafbfaf353fa7f64d748ae907062aea11ecea","sha256":"25899f94fc997e29cd4028d8fcd632a0026cce0495189f671c73b41abe24fbe6","sha512":"1f14eec0aaa4d420a2964c07a1424b7c07472b4f13974b65de142ce98e3e95bdafeac2e2d02eac9220ac1c4c8e1403bf6f969fc4bd254fc2380744daa654eb75","ssdeep":"","tlshash":"7ec08c681e403f10e201348e1f0823896cd147db3cb2062a5b38701076ca037c390c88","size":145,"data":"","first_seen":"2025-08-23T14:45:24.768221Z","last_seen":"2025-10-14T10:38:27.791657Z","times_seen":32,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aqle3.com/btag.min.js","fqdn":"aqle3.com","domain":"aqle3.com","tld":"com"},"ip":{"addr":"139.45.197.247","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"17ea1002d3cdc2a66b35ef893e72f6d1","sha1":"8f973a53a336bb7c15bc385a201af1fba8578af4","sha256":"76b71ec9dace7756039ed4466f8863e27b302530a2283cf5260bb3bc39fe9c7a","sha512":"46b7b31498222c8fb106040df871cc857888620959c219cc2ec7f66250d71c34680d43de3af8858566132a42e1722f2afc828a196a600f74e7a3d08515a0af61","ssdeep":"192:6KfsrGxbTmXnk85/ZgrqXRoJYAF0F2cKI6cU254PD:1KGxnmXnj1X+JYAF0F2cKI6cU2+PD","tlshash":"12d1d83e3bb42175b18c068d347f6b68fb6ab52467124c74b24cedfa6310c9264ba536","size":6301,"data":"","first_seen":"2025-07-31T19:55:30.99116Z","last_seen":"2025-11-25T08:25:16.302375Z","times_seen":255,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jxoxkplay.xyz/premiumtv/bizz-streams2u.php?id=18","fqdn":"jxoxkplay.xyz","domain":"jxoxkplay.xyz","tld":"xyz"},"ip":{"addr":"104.21.6.120","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b50a7599a1cd871d2b379f9ef0b04aa4","sha1":"66783a5680bbf18a422b0ebf586f787abb91f56f","sha256":"94ba1e39aa22b534544bd907ddee33191396ded56a47cabf861e12ed65780385","sha512":"cb2dfa3c11be87aa80067ec44a034287bc817644e0e5c0bec92f0ec539919e362b7f1f14e9341a055cb68ab709bbfb41c1c082387d7b698b96b719ece4a2502a","ssdeep":"","tlshash":"2e90008c888f00e0ea2008002bac008038b022038222f0e0b00ef20c0f0838c280b0c2","size":45,"data":"","first_seen":"2024-07-20T17:31:12Z","last_seen":"2026-04-03T22:34:53.973345Z","times_seen":487,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"acscdn.com/script/suv5.js","fqdn":"acscdn.com","domain":"acscdn.com","tld":"com"},"ip":{"addr":"104.18.17.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3271f15b2fa03cbfe804d891a4d1bea4","sha1":"ba0ebf448794037fa0cdc3f7d3a103e61894493e","sha256":"ec4add2cef8de7dcf48c93f7f83ecec842fee54b4e1ae3ae8ba67b1da1edfba8","sha512":"d6dfb9c2252f4a7dc3681f19e9c36ae5759a4ef08283d47493adc7f85bf76a092cc557a2a18cb13ac7af57626c4f9551833c53fd8ecddd86addc866cfac78b2a","ssdeep":"1536:LOFHKIV5GuKbOPNXN6ibR+6ry6j/IYOHSD/u/NNU48WQJFW4gkzwi/OsWVhL/Tyw:LYqmzIOVg6W6jUHSDm/NWu4hzihp","tlshash":"e293c649bad2f0e86be365e4842f5646e1772a24740d98d5fab6c5c19839ecf4033e3c","size":96855,"data":"","first_seen":"2025-09-11T10:47:57.233286Z","last_seen":"2025-10-21T05:38:50.883718Z","times_seen":518,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bb2r.com/apu.php?zoneid=9590480\u0026var=9590470","fqdn":"bb2r.com","domain":"bb2r.com","tld":"com"},"ip":{"addr":"104.18.41.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"10614e7662c913d7aa31239e8f595686","sha1":"d995375d17299e4a58ba4e2eafe3ad60a16cd280","sha256":"192794c1aa59cefea746c044903255eadcf26d46c4aa3ffcb939a3e4e613c9a5","sha512":"c293cca2f7de43cf80ed4edaeaea809910ebe8a18973304fe5f54d5c4c444a498e5c248eae7a80e29aea0533de61919435df5e38b402b6996f370fafc16ad109","ssdeep":"1536:LOtQiEOxh8M3MCBCskobqUy3LghGVHtg7aC7n6wTEjtwO2E/:LOtX93Mf3UAQbaC76GEBwO2E/","tlshash":"b6b30b98625334716d7a9139385fc44caeeaef80148e89e4d4d9ac732653071d3bbfe8","size":114823,"data":"","first_seen":"2025-09-15T02:31:11.875079Z","last_seen":"2025-09-15T02:31:11.875079Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ziggogratis.shop/embed/stream-18.php","fqdn":"ziggogratis.shop","domain":"ziggogratis.shop","tld":"shop"},"ip":{"addr":"104.21.80.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"99f22c695060445a3be86231f6659752","sha1":"c18a0f357740bfa9b034f8750536d93a44aae8cf","sha256":"a59b07161412c9318839c5c772bf9ff4b746e2261690bd305a56efe65486ca9b","sha512":"b6b1e6a41c44183ead41c621ef735154703cb7259ce1a5b3342d645f97635aea184dcf2ca10121570d03f759f2aaabcc9130ad721f4daa2de3ad56f6e18564e0","ssdeep":"","tlshash":"f5c01279382466741c6914ae7036d7ac7df330147a537810805dc8689a74ee75c52c99","size":189,"data":"","first_seen":"2025-06-28T16:00:02.454558Z","last_seen":"2026-04-05T12:53:51.583756Z","times_seen":164,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bvtpk.com/tag.min.js","fqdn":"bvtpk.com","domain":"bvtpk.com","tld":"com"},"ip":{"addr":"172.67.154.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8b9d55a4af1077a11ef179a7fbef88ef","sha1":"96c569fa3f52c3b81a33cd42b9c23fba737f72a3","sha256":"c548281ee18156b66358383e070e1b14ab942bac77ace39abc922186af4839ab","sha512":"4fbf1985ab1dfdcd4ea95c2a4aaf1d5e26cbdf2e5acede073ecc75c352874914df194668131c409d10b68a446a6f9f212d3c6cae1d65778c232b2107fab037e4","ssdeep":"1536:KOtQiEOxh8M3MCBCskobqUY3LghGVHtg7aC7n6wTEjtwO2C:KOtX93Mf3UuQbaC76GEBwO2C","tlshash":"c2b31c9c625734712d7a9129385fc44d6eeaef80048e89e4d0daac732653075d3bbfe8","size":109819,"data":"","first_seen":"2025-09-14T07:40:18.844336Z","last_seen":"2025-09-15T02:31:11.812811Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/76/82/d6/7682d6bdf02cae1f1545b579943917b0.js","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"ce2600bf08f8ab8f932aa29763aa7a1b","sha1":"c75112ae1ae96497b9eb253ed5a87bccdc940250","sha256":"060b10cba37b625d649daa021f9d3fe1244e174b0946ea94bd7be3221eaffc3e","sha512":"c0dec61630e15dd9a578b75190089f6d68b89bd039780fd234c65210b03c0b0a5e6e6267ff3022c57c65cdc08a635ff870e0bd252d10d91f87ae21e2aad79792","ssdeep":"1536:WV8IsE162TOup6SJr5qQLHvuiCh+JAxy1m7E7t1u9DHto:WV5suvnbkAmY","tlshash":"f4b3c68c3f7ef02d16b6a037223f6416e15a0d0140dce5ace117dde83a6c79ae57da26","size":109662,"data":"","first_seen":"2025-09-15T02:31:11.859046Z","last_seen":"2025-09-15T02:31:11.859046Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ziggo-gratis.com/roja12-9/s18.php","fqdn":"ziggo-gratis.com","domain":"ziggo-gratis.com","tld":"com"},"ip":{"addr":"104.21.64.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"e7db9b47ff93af0a1c5ba69cf2f6b295","sha1":"7bdf6a8a7c8d12fd0d810d9087b6b086dacd21d9","sha256":"93c52cc00c74bc2caa38db30b60eadeb54782e3d41ebd64a706cae7adef685ea","sha512":"d3cc48ca3dee29bc8651cae7b1404aa6024378389cbcaf46f57524da3e02fd84ec52732dc1a612c08f6035b09a2582bd562d4d7596e53892c921253ff0e0a9a7","ssdeep":"","tlshash":"70c02bf8c100f7440056cc041d6cd1059210cd913c9a003f2bf034330380502c2d1bac","size":140,"data":"","first_seen":"2025-08-23T14:45:24.791654Z","last_seen":"2025-10-14T10:38:27.807284Z","times_seen":38,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ziggo-gratis.com/roja12-9/s18.php","fqdn":"ziggo-gratis.com","domain":"ziggo-gratis.com","tld":"com"},"ip":{"addr":"104.21.64.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d44eb2ce6ebe7c67ee17dabb75594165","sha1":"febf94238fc08d44b037bf8dbe089bd09e8f9ffd","sha256":"765581c4ca154b7905a88168d561c14da9306cc124dc7765e2b664c434adba5c","sha512":"8882525c05c3b616d07d83116634669340e09786c9be746aea37e670f365de1f596372bc593c320a41d99b7c33560fc0a4f23923c0cf01fb0ab7f8a4b46d4a0b","ssdeep":"","tlshash":"90c080b765e99530145400da3076d7e97c743118755270c4c89dbd1da978fd30861c65","size":179,"data":"","first_seen":"2025-07-26T14:15:25.404166Z","last_seen":"2025-10-12T18:48:40.978063Z","times_seen":43,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"d39bdff3b210d3fd0f4ccbdd5b7c8b48","sha1":"6fc13adc9d5a07556e632eadd1b7defe7a06b378","sha256":"cdb22abe5ea2303bf24e166493036d483ded4da2ba3f636d542dec7d06438da1","sha512":"2bd914ad0d0bfa0f7d6fd73626851daffab44d41e56e8293efc64c58154df6ab3582094b5c97c80897db6f3662901da8260a77b4968370ea2a5ae1c8384cc225","ssdeep":"","tlshash":"57c08084e5655fb014f714c62f061e1de1dd1d978ea420e3530c5405e693587d7991e7","size":172,"data":"","first_seen":"2025-09-15T02:31:11.88852Z","last_seen":"2025-09-15T02:31:11.88852Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"b8132a39f32eaa3cb255cf452b3c13ff","sha1":"7ed25a46546897093144b30f3a31f69a79d5e6d6","sha256":"8a656af86a08f425924328485008a04d857a17b6ea9aba0fc53ba5fb2158b715","sha512":"a320ee49d60bf2d1d5c5a19ba70beb907bbd5671c8b2e3090021f3beb9ea8ab7af70149f110785269eb25b98aabb9726638bd048b47d84d8f2697ad37091813b","ssdeep":"","tlshash":"fd41fb3b594a339004adb17706c4661c799ad19d1f13b6c6f94c8b50635c3fe43bee54","size":2046,"data":"","first_seen":"2025-09-15T02:31:11.890707Z","last_seen":"2025-09-15T02:31:11.890707Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"fc2189ceca3f269872b11241c83bd692","sha1":"1de454e00b5d297384e6433162f06357304b129e","sha256":"c620d7d45da6fb741a6d1cd7e11a5c653742ed8a6e6291599f7778e77aeeedd6","sha512":"1ba8fa990e8c8d9ee17ffea6e6b3b86f9d03e1e754a64351be49e3ea755058131f5b5831efe822cd82c8297bc804ba74ce0d1c5d6420fb4fd5dd248536da5740","ssdeep":"","tlshash":"37c02281a2700bf000a620d427426c04e48424e2ceb030f31318040cea1308b871c171","size":172,"data":"","first_seen":"2025-09-15T02:31:11.893205Z","last_seen":"2025-09-15T02:31:11.893205Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ziggo-gratis.com/roja12-9/s18.php","fqdn":"ziggo-gratis.com","domain":"ziggo-gratis.com","tld":"com"},"ip":{"addr":"104.21.64.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"cc50885326e2030dd62ead98538af3f1","sha1":"01b10184d9aec98e385443aef6faf55c60e802bc","sha256":"c48c175da9e4242ca4264634969b3a0e2780af8c1ab00c82be9b4993d0e36588","sha512":"8846720e8ac1ed8251789103db194c2b93cae60f416f5c92be8be8b301ddf3d9b13bfd9829ecd61116691d068f9ec2353372d532179bbf0cbb08b75108619f69","ssdeep":"","tlshash":"f190026b01a1c4565662241c4a1dcd7d50590447890865dd3a8c61b58b140945017908","size":56,"data":"","first_seen":"2025-09-11T04:00:30.044303Z","last_seen":"2025-10-12T18:48:40.98856Z","times_seen":31,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"d39bdff3b210d3fd0f4ccbdd5b7c8b48","sha1":"6fc13adc9d5a07556e632eadd1b7defe7a06b378","sha256":"cdb22abe5ea2303bf24e166493036d483ded4da2ba3f636d542dec7d06438da1","sha512":"2bd914ad0d0bfa0f7d6fd73626851daffab44d41e56e8293efc64c58154df6ab3582094b5c97c80897db6f3662901da8260a77b4968370ea2a5ae1c8384cc225","ssdeep":"","tlshash":"57c08084e5655fb014f714c62f061e1de1dd1d978ea420e3530c5405e693587d7991e7","size":172,"data":"","first_seen":"2025-09-15T02:31:11.88852Z","last_seen":"2025-09-15T02:31:11.88852Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"04c55ae2607965198e63f6de2e68d0e2","sha1":"854c6b673dd1805d09d015169162d3689383a542","sha256":"7933dbff4b8b96a08fd5cde5e89a3da268a6f5bdddd19a1019ddcf0c0d518ce7","sha512":"97fe1c936fd6e134b192868b65e82c03c6a5cedac9823a38c10ba0e9e63090cfe99356f09c3d21ab661a6ca625d942a819c05031e9881ae97e06695e35354092","ssdeep":"","tlshash":"04c08c84bb05b121f9ae3cae1f3003c5bada020221362682ec8c5c44f0a14b28301089","size":145,"data":"","first_seen":"2025-08-23T14:45:24.759213Z","last_seen":"2025-10-14T10:38:27.798963Z","times_seen":32,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"madurird.com/5/9590469/?bnr=1","fqdn":"madurird.com","domain":"madurird.com","tld":"com"},"ip":{"addr":"172.64.146.197","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e83dd758fd4f3e94431da1a76317174c","sha1":"2c868e430101952bf3e4c551e64493264676852b","sha256":"5645954562b07cc829ca0106fc33c4e14849c367362d07bf7ac5c861fb9536ad","sha512":"6b687ced0ef5a23179d0d9a3b9fc2238537cc21f4438054cbcdbb92091da2c82f7d8b497d42ea9f95ac81657481691d62fcd4c2796a95226eeadaec22605f00e","ssdeep":"1536:LOtQiEOxh8M3MCBCskobqUy3LghGVHtg7aC7n6wTEjtwO26UE:LOtX93Mf3UAQbaC76GEBwO26UE","tlshash":"7fb31b9c625234712d7ad129785fc44c6eeaef80048e89e4d4daac732653075d3bbfe8","size":114840,"data":"","first_seen":"2025-09-15T02:31:11.810274Z","last_seen":"2025-09-15T02:31:11.810274Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jxoxkplay.xyz/premiumtv/bizz-streams2u.php?id=18","fqdn":"jxoxkplay.xyz","domain":"jxoxkplay.xyz","tld":"xyz"},"ip":{"addr":"104.21.6.120","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-11T12:56:47.653722Z","times_seen":210357,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"a524ecfbd97124fd2e9c3f6ad371ca23","sha1":"a281b89a51cfe367f92816be50eba55ccc0eaee6","sha256":"5549a01f3d1c788c8e44dc8a54e5c9103880b5608d3b44e0a0ea4ebd124dc18f","sha512":"dbfa06ea3faf0b6451668b8634e61e52c71ac098f26b08551cac54344128a205b2378e56953102dda758aa63fab8ed1e22c3a74eda39a154caff8f2b6b3bdee5","ssdeep":"96:WhmlSzNzYF4RWz3qVeBYJ2gzAKAYaR/tCP/KZhWAEGo:SmAz+60BSF81RM3KZoGo","tlshash":"b1a1618e3f81b4ac069270372f3f6e0ef13a5c55195ad4d8d202a0a47f28a39d4b6b55","size":5080,"data":"","first_seen":"2025-08-06T23:31:31.906679Z","last_seen":"2025-09-26T10:32:45.122277Z","times_seen":4581,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jxoxkplay.xyz/premiumtv/bizz-streams2u.php?id=18","fqdn":"jxoxkplay.xyz","domain":"jxoxkplay.xyz","tld":"xyz"},"ip":{"addr":"104.21.6.120","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"3d07b60be25a3b7227f518a2d3a76b92","sha1":"a1c6fb8a62c1b07877917a05b44a227f2529d7ec","sha256":"010dc54e77a6a228812592255ee8e7d2a97f2950076ce18e28d2e8339c48a13e","sha512":"33997909c955ade1fa366a75751c04045b1966f57f90adbae70adad212b690ac0f1e2fe92f05fbce64b31a69a457babd83f68d865179179678f58adea245bf87","ssdeep":"","tlshash":"345152f26c93de513292d0590cafc93f701489db30a195237e4e7fd4a944e6ea07b12c","size":3052,"data":"","first_seen":"2025-09-12T05:50:23.693078Z","last_seen":"2025-09-15T02:31:11.902763Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jxoxkplay.xyz/premiumtv/bizz-streams2u.php?id=18","fqdn":"jxoxkplay.xyz","domain":"jxoxkplay.xyz","tld":"xyz"},"ip":{"addr":"104.21.6.120","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b2209c10255a94d6e5950e4dcc2a5769","sha1":"238bbc15bcfd453e31f3123e25106ba1d9095e01","sha256":"677ca44525ae2096b2ec21fe393b29c332101b606f4ffd36b89c1180809abe08","sha512":"71ae39c79ae01787d50cfda59230c13850039aa00c9ac7b53c013b72ff31e429bba680056684a528fffee3f4b38f3e76d936e8d769df1dcc1f4e02965acac0f5","ssdeep":"384:+v0a/K7iYFRdYtGm0Qen9tO69aI8tAUeNDaUGRQ2t4PpBahqoo+KXnS7YhfGMOIf:+K72GZQ80GaIoQPzahq/AMOY","tlshash":"3cc2e4a7321eb91a8719626150ef2ec5a2cc48c4718f1b78e724e53634d763485ebef8","size":27965,"data":"","first_seen":"2025-09-15T02:31:11.904452Z","last_seen":"2025-09-15T02:31:11.904452Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"c0a662aa138e9ddd54cd7c6142e46012","sha1":"b4bdcefe746254c3fc568747e729b28ed7672283","sha256":"adfac33283745fa745658caf3a9f5eeb35471a7eb332413d4056027685ca242c","sha512":"54c5a02647119cc42657ec9cf1074b74b47ebb9e87accd117737fddc6245b1535b818e4bc678d3856ca34d310ff296d0d7a46ff9bb7098fae3514c2db1be3fa6","ssdeep":"","tlshash":"0c31b7aa89d3c5d582e5c03e24bf09293ff2d25fdd191a400769cc0e67a20119766df9","size":1561,"data":"","first_seen":"2025-09-15T02:31:11.907581Z","last_seen":"2025-09-15T02:31:11.907581Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ziggo-gratis.com/roja12-9/s18.php","fqdn":"ziggo-gratis.com","domain":"ziggo-gratis.com","tld":"com"},"ip":{"addr":"104.21.64.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ff0d226ce0b86aa40f515f566c60528a","sha1":"2af238aa7b7e189d8342443f653f8574c4f3e57c","sha256":"d70a04534c8db427e8737a09df3858429c7dda9874f5d6ed9041bd984130236a","sha512":"f56e0829050142a29c34553943f8be20e9ea728abdd42f2347135c13a2199a9d96544fdc08579d57e0569423d4aa597105a039ebab86ea6276b3ae2e94905ee8","ssdeep":"","tlshash":"afe0ab2998e706384cf63a442039ca7934fc38a4aaa3d057625cc82ccd79fc50c00eec","size":424,"data":"","first_seen":"2024-05-31T01:53:55Z","last_seen":"2026-03-22T21:20:40.875286Z","times_seen":100,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"3f308931e6812dea9a21f30c0978f60e","sha1":"d6c2dae96dc7ed20b7d58da5f6847d357c0c3bfd","sha256":"9b36620dc27723707bc9cea884f40fde35f678b1e45f462bc311902cff6e9412","sha512":"8a16b651d0a5b5c9c5aae4c6d08b1549e98cc5e15082164c8508e11762bec9ca98a461272fee8ed08c0fec5eca530a4c4b63410c956faeca8414bffab6713b98","ssdeep":"96:toz9bT+cjTPf5XWr7k9gblGucoJ9QsSIIX1/DUCfMEDaH:6zwwT5GrQUGoJixbUCkCaH","tlshash":"9ea13aa5bcd7b4b04663903f06bb92183aa1c10f5d18df81be5cee051b70a914f66ef8","size":4848,"data":"","first_seen":"2025-09-15T02:31:11.911137Z","last_seen":"2025-09-15T02:31:11.911137Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/3aee509c2c8c8b02c504f8f11f6c6921/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"080a9029deb48cefbb8765459086073f","sha1":"5e7572bbd225b67e017daa11f46ef6905def87d4","sha256":"0e5d55bc2806ef6948c7ac298a6c36b1455df52676315b246502c301891fb181","sha512":"c0943b33dab7f7dc9ed79274cb0a0af7d95fe4f6ff56bd532bc1d028f8d3588706960f1a2e0301dcb709e68ba822cea6727e6fc785cf1d6e3d11fe27339ee515","ssdeep":"768:MBY6ccuLFYdYjHMjYZ6lRtsF8Yg1L/lUUYEFYLetqz:kHc7LF0Y6HO8Y0L/qJEFYLetqz","tlshash":"fff2f7883fc0b3d456ab2867337fd01ba1955d04a54cd098e927f0e92de876af727b60","size":37590,"data":"","first_seen":"2025-09-15T02:31:11.819844Z","last_seen":"2025-09-20T14:53:49.644723Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"waust.at/c.js","fqdn":"waust.at","domain":"waust.at","tld":"at"},"ip":{"addr":"104.26.4.7","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1da4c7bb0f7222312108bf4c5a68c022","sha1":"14ee17f842582996cd4fdea2c5186efbfa30bf1b","sha256":"8b68a03f3760c4285d41df81b4d452578dd8d10ba8858bb3addf94e58b94467f","sha512":"141947ef379728dcf0dc848dd99f3aeab26d869083f27976850951316058e8070b214775804a35a752fc0e7404afe11ea9b4ab986c58a7bf4734140745dada2a","ssdeep":"","tlshash":"f511027a35067539a6f79070512fb7413532b0b66a46a0c1903ce4bc5864d1f015fecb","size":1000,"data":"","first_seen":"2025-04-16T10:55:46.994828Z","last_seen":"2025-09-25T23:17:43.786924Z","times_seen":195,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/53e378cfb27847b2216676ba795c0d37/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"875606379f53b39b4b271e0cb578eb6e","sha1":"2b6e97d9c195fc001eaf6a628752159cb01853f0","sha256":"bed3b1a3273e4744ee46e6ad5233656cba71c5e28373122aaa559feaba70585f","sha512":"f5604dadf2bee1247d9727966b09088393b2bf1afad1684431c583c57ea1d931ea850471100216a0369e6c823b159779b7ef8e45da8cb77293c957386903f461","ssdeep":"768:JBd6ccutFYdYjHMjYZ6lRtsU8fg1L/lUUYEFYLetqz:bAc7tF0Y6HB8f0L/qJEFYLetqz","tlshash":"eaf2f6883fc0b3d456ab2867337fd01ba1955d04a54cd098e927f4e42ee876af727b60","size":37655,"data":"","first_seen":"2025-09-11T04:00:29.992584Z","last_seen":"2025-09-15T02:31:11.834955Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"a524ecfbd97124fd2e9c3f6ad371ca23","sha1":"a281b89a51cfe367f92816be50eba55ccc0eaee6","sha256":"5549a01f3d1c788c8e44dc8a54e5c9103880b5608d3b44e0a0ea4ebd124dc18f","sha512":"dbfa06ea3faf0b6451668b8634e61e52c71ac098f26b08551cac54344128a205b2378e56953102dda758aa63fab8ed1e22c3a74eda39a154caff8f2b6b3bdee5","ssdeep":"96:WhmlSzNzYF4RWz3qVeBYJ2gzAKAYaR/tCP/KZhWAEGo:SmAz+60BSF81RM3KZoGo","tlshash":"b1a1618e3f81b4ac069270372f3f6e0ef13a5c55195ad4d8d202a0a47f28a39d4b6b55","size":5080,"data":"","first_seen":"2025-08-06T23:31:31.906679Z","last_seen":"2025-09-26T10:32:45.122277Z","times_seen":4581,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jxoxkplay.xyz/premiumtv/bizz-streams2u.php?id=18","fqdn":"jxoxkplay.xyz","domain":"jxoxkplay.xyz","tld":"xyz"},"ip":{"addr":"104.21.6.120","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"6a68c95cf0bc90fd6d954192dafb6efc","sha1":"bc6b8dd793959ee13c26cadeeba768932d796933","sha256":"76d301a94b98cb891e41f21381bff0e6ee90148df3efa621714026eb5ba4dfc3","sha512":"433a41dbd0155db5bb484cf1aa1c2a796dd21d1a437d7d3e5ad6fd0de76e798c1b612d24e522c75b5802970798a7a8358b80b9413e2465bbd245023c26493b16","ssdeep":"","tlshash":"b450000300030f000c000000000c33003303303000c00000000000c0003c00000c0000","size":10,"data":"","first_seen":"2025-09-15T02:31:11.91478Z","last_seen":"2025-09-15T02:31:11.91478Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jxoxkplay.xyz/premiumtv/bizz-streams2u.php?id=18","fqdn":"jxoxkplay.xyz","domain":"jxoxkplay.xyz","tld":"xyz"},"ip":{"addr":"104.21.6.120","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-11T12:54:00.067673Z","times_seen":608757,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bvtpk.com/tag.min.js","fqdn":"bvtpk.com","domain":"bvtpk.com","tld":"com"},"ip":{"addr":"172.67.154.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8b9d55a4af1077a11ef179a7fbef88ef","sha1":"96c569fa3f52c3b81a33cd42b9c23fba737f72a3","sha256":"c548281ee18156b66358383e070e1b14ab942bac77ace39abc922186af4839ab","sha512":"4fbf1985ab1dfdcd4ea95c2a4aaf1d5e26cbdf2e5acede073ecc75c352874914df194668131c409d10b68a446a6f9f212d3c6cae1d65778c232b2107fab037e4","ssdeep":"1536:KOtQiEOxh8M3MCBCskobqUY3LghGVHtg7aC7n6wTEjtwO2C:KOtX93Mf3UuQbaC76GEBwO2C","tlshash":"c2b31c9c625734712d7a9129385fc44d6eeaef80048e89e4d0daac732653075d3bbfe8","size":109819,"data":"","first_seen":"2025-09-14T07:40:18.844336Z","last_seen":"2025-09-15T02:31:11.812811Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aqle3.com/btag.min.js","fqdn":"aqle3.com","domain":"aqle3.com","tld":"com"},"ip":{"addr":"139.45.197.247","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"17ea1002d3cdc2a66b35ef893e72f6d1","sha1":"8f973a53a336bb7c15bc385a201af1fba8578af4","sha256":"76b71ec9dace7756039ed4466f8863e27b302530a2283cf5260bb3bc39fe9c7a","sha512":"46b7b31498222c8fb106040df871cc857888620959c219cc2ec7f66250d71c34680d43de3af8858566132a42e1722f2afc828a196a600f74e7a3d08515a0af61","ssdeep":"192:6KfsrGxbTmXnk85/ZgrqXRoJYAF0F2cKI6cU254PD:1KGxnmXnj1X+JYAF0F2cKI6cU2+PD","tlshash":"12d1d83e3bb42175b18c068d347f6b68fb6ab52467124c74b24cedfa6310c9264ba536","size":6301,"data":"","first_seen":"2025-07-31T19:55:30.99116Z","last_seen":"2025-11-25T08:25:16.302375Z","times_seen":255,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"050b5a0ad9f7458670c72678a08cd8e2","sha1":"017af20eb16d79b0b8df683c60572ce68a9f6b4b","sha256":"8d183968817758c0733bc76d601ed4f25efbcab298bb220780eb085906aeb0fe","sha512":"c7e403ccb6fc8b667c8003abc07ae377bab257f8ce5306bfab1f2ed5cbb5933ba7ed74a62f82357b6047c815d70b519b1308a12564c2d6607284f6c93aadb2fb","ssdeep":"","tlshash":"aa310a7a0a195c6d479558be161a313e27e2445ffbddcc22152c7b948334a418d2fca8","size":1564,"data":"","first_seen":"2025-09-15T02:31:11.918149Z","last_seen":"2025-09-15T02:31:11.918149Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"fc2189ceca3f269872b11241c83bd692","sha1":"1de454e00b5d297384e6433162f06357304b129e","sha256":"c620d7d45da6fb741a6d1cd7e11a5c653742ed8a6e6291599f7778e77aeeedd6","sha512":"1ba8fa990e8c8d9ee17ffea6e6b3b86f9d03e1e754a64351be49e3ea755058131f5b5831efe822cd82c8297bc804ba74ce0d1c5d6420fb4fd5dd248536da5740","ssdeep":"","tlshash":"37c02281a2700bf000a620d427426c04e48424e2ceb030f31318040cea1308b871c171","size":172,"data":"","first_seen":"2025-09-15T02:31:11.893205Z","last_seen":"2025-09-15T02:31:11.893205Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/center_banner/2/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.112.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6326c600df01e3bfb9b40e1aa08176f8","sha1":"6b4fb754d29b297b539bf62ba9b4eaf0f33f314a","sha256":"df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3","sha512":"641aaeecb9b89bcc319cabfef18f76faa9b1ba79f9de30c6d07f22d385fc78ac3f11a718fe9ec96f8a13d82e3dff4ca34944ccb449a4ef8e378ad65dfad581c0","ssdeep":"1536:oP10iSi65U/dXXeyhzeBuG+HYE0mdDuJO1z6Oy4sh3J1x72BjmN7TwpDKba98Hri:f+41hJiz6fhdlTqya98Hri","tlshash":"eb83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","size":84384,"data":"","first_seen":"2023-03-07T01:10:11Z","last_seen":"2026-04-11T12:58:00.203848Z","times_seen":10666,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"madurird.com/tag.min.js","fqdn":"madurird.com","domain":"madurird.com","tld":"com"},"ip":{"addr":"172.64.146.197","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"bc1a87e6af40eddeda829e8ce31441a5","sha1":"1632344a3fa4ea838311f9fd65b40f7d293617d5","sha256":"d3467f48718d03035285a8283f4775c798720e543e2091ea79f67b0170ff721b","sha512":"929dbd967e2f409052e37dccf7a290959ec262cadf172e133135ff72dcf36944181e73c03672f0303cb9e3e73ccc16a1806ec7a721e315bd50baff8fa1afe3a5","ssdeep":"","tlshash":"ba1121daa5a07680696f21938b0e9691fa4ffcb0649dcf78811ecd325183039d06bdf9","size":1000,"data":"","first_seen":"2025-09-11T07:26:20.113994Z","last_seen":"2025-09-20T23:29:25.982456Z","times_seen":36,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"877dcda056c52340295ca8248f815c7b","sha1":"86f57e8d69fb82a54769ede0248c0562ed57f877","sha256":"2997a954f7bd016b48d8ea8436258de0e2ff4fd2832b26eeaee1d579daeea6f8","sha512":"cfa3b5c7e4893500c6216517b67f02396ac4d47ec72ea5793915ab45acf1b5798ea22cc2f37ebc0a3cb3df50599519cc8b620b1ccd53af5ef55f9b3cd690a6c5","ssdeep":"","tlshash":"9b214b6b115a43a072d2f17ad20e73d4ba2181dddd0b530b360a098e1ed0bab17f5aa5","size":1289,"data":"","first_seen":"2025-08-29T10:29:54.939118Z","last_seen":"2025-09-20T21:00:37.971562Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"madurird.com/5/9590470/?bnr=1","fqdn":"madurird.com","domain":"madurird.com","tld":"com"},"ip":{"addr":"172.64.146.197","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6bb237a712e60228212efa5c90f4d64a","sha1":"4883f3b5f8a99cee4d56dcb05260ef6188c832f6","sha256":"233eebc974f539eee632ed7d7f64d386120db08023a093698cf17829df79bbfa","sha512":"12fa7de17f9f6a7024ef3f3219c3fbeb9352ff496158a2cbe8bdca2b9f2ab0297881b6b319e81d66df61247892cf4ecae67a0ecdb6c2955296f9f01d3963c9ea","ssdeep":"1536:LOtQiEOxh8M3MCBCskobqUy3LghGVHtg7aC7n6wTEjtwO2a2g:LOtX93Mf3UAQbaC76GEBwO2a2g","tlshash":"45b30b9c625634711d7ad129385fc54caeeaef80048e89e4d4daac732653071d3bbfe8","size":114860,"data":"","first_seen":"2025-09-15T02:31:11.836599Z","last_seen":"2025-09-15T02:31:11.836599Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ia.hackingskye.com/ryVBn0ITJKVv/69521","fqdn":"ia.hackingskye.com","domain":"hackingskye.com","tld":"com"},"ip":{"addr":"23.109.170.127","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"848667c49f5d3aef59cd65ed276cd7ae","sha1":"bd12c0ca2dfaa249586f1b9b8d48b02a1b9e3763","sha256":"cc5a5851251dd8052292557ba0231c51363ff1474f60b7a4af3be144cb1327c8","sha512":"4248ad0e684224ba8503b1e73517aae6ffe4431cd16b7633d2ccbf4b96f845e318dbee175d19cd4676ca37353f53add2231ed167ad6c4aa0d9fe185f7359238c","ssdeep":"","tlshash":"f23000000000000000cc00000000000000000000c000000000000000000000003c0000","size":5,"data":"","first_seen":"2025-04-24T10:17:49.831301Z","last_seen":"2026-04-11T13:01:57.333966Z","times_seen":15285,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"d39bdff3b210d3fd0f4ccbdd5b7c8b48","sha1":"6fc13adc9d5a07556e632eadd1b7defe7a06b378","sha256":"cdb22abe5ea2303bf24e166493036d483ded4da2ba3f636d542dec7d06438da1","sha512":"2bd914ad0d0bfa0f7d6fd73626851daffab44d41e56e8293efc64c58154df6ab3582094b5c97c80897db6f3662901da8260a77b4968370ea2a5ae1c8384cc225","ssdeep":"","tlshash":"57c08084e5655fb014f714c62f061e1de1dd1d978ea420e3530c5405e693587d7991e7","size":172,"data":"","first_seen":"2025-09-15T02:31:11.88852Z","last_seen":"2025-09-15T02:31:11.88852Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"fc2189ceca3f269872b11241c83bd692","sha1":"1de454e00b5d297384e6433162f06357304b129e","sha256":"c620d7d45da6fb741a6d1cd7e11a5c653742ed8a6e6291599f7778e77aeeedd6","sha512":"1ba8fa990e8c8d9ee17ffea6e6b3b86f9d03e1e754a64351be49e3ea755058131f5b5831efe822cd82c8297bc804ba74ce0d1c5d6420fb4fd5dd248536da5740","ssdeep":"","tlshash":"37c02281a2700bf000a620d427426c04e48424e2ceb030f31318040cea1308b871c171","size":172,"data":"","first_seen":"2025-09-15T02:31:11.893205Z","last_seen":"2025-09-15T02:31:11.893205Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"fc2189ceca3f269872b11241c83bd692","sha1":"1de454e00b5d297384e6433162f06357304b129e","sha256":"c620d7d45da6fb741a6d1cd7e11a5c653742ed8a6e6291599f7778e77aeeedd6","sha512":"1ba8fa990e8c8d9ee17ffea6e6b3b86f9d03e1e754a64351be49e3ea755058131f5b5831efe822cd82c8297bc804ba74ce0d1c5d6420fb4fd5dd248536da5740","ssdeep":"","tlshash":"37c02281a2700bf000a620d427426c04e48424e2ceb030f31318040cea1308b871c171","size":172,"data":"","first_seen":"2025-09-15T02:31:11.893205Z","last_seen":"2025-09-15T02:31:11.893205Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"fc2189ceca3f269872b11241c83bd692","sha1":"1de454e00b5d297384e6433162f06357304b129e","sha256":"c620d7d45da6fb741a6d1cd7e11a5c653742ed8a6e6291599f7778e77aeeedd6","sha512":"1ba8fa990e8c8d9ee17ffea6e6b3b86f9d03e1e754a64351be49e3ea755058131f5b5831efe822cd82c8297bc804ba74ce0d1c5d6420fb4fd5dd248536da5740","ssdeep":"","tlshash":"37c02281a2700bf000a620d427426c04e48424e2ceb030f31318040cea1308b871c171","size":172,"data":"","first_seen":"2025-09-15T02:31:11.893205Z","last_seen":"2025-09-15T02:31:11.893205Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jxoxkplay.xyz/premiumtv/bizz-streams2u.php?id=18","fqdn":"jxoxkplay.xyz","domain":"jxoxkplay.xyz","tld":"xyz"},"ip":{"addr":"104.21.6.120","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"f0707f3b5a5317b732c01d7fdd5fd2d2","sha1":"331f4402113ffa540054053b5340d5b0889f103a","sha256":"137703e6b7b2ff1fe0a3cc8f57d54270e85e1046a547b146edc07db74e323a82","sha512":"65d8e6adba9855b8f3522ea91850399bc2a0646483fc7351c577b25dfa80d9c15714da02173770ff9d70b3b4ff9b8271fbb768d074fe3c78e71ea5bf58c31404","ssdeep":"","tlshash":"e450000c000003000033000300000003000c3cc03c0000300f00000c00000000300033","size":10,"data":"","first_seen":"2025-09-15T02:31:11.92262Z","last_seen":"2025-09-15T02:31:11.92262Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bb2r.com/apu.php?zoneid=9590485\u0026var=9590469","fqdn":"bb2r.com","domain":"bb2r.com","tld":"com"},"ip":{"addr":"104.18.41.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"943964f27b03f21fdc4673ae34f73b01","sha1":"b5a681cf6611e171367515fd0670fa69f32be1e2","sha256":"00c1b6309f742a288d63bcd63b6fb6665912dbdb56a7362d78be5b2dbf466230","sha512":"bc99d5f7bb8c6e237b54d0d0a3fd3a86ae80d78a3e2d9ddb310fef3d93e3611ac13765643ba2ed572522d10a349f489a46d69a9058e2b857f3b9dea6eccc962e","ssdeep":"1536:LOtQiEOxh8M3MCBCskobqUy3LghGVHtg7aC7n6wTEjtwO25H:LOtX93Mf3UAQbaC76GEBwO25H","tlshash":"14b30a9c625234711d7a9129785fc44caeeaef80148e89e4d4daac733653071d3bbfe8","size":114880,"data":"","first_seen":"2025-09-15T02:31:11.840303Z","last_seen":"2025-09-15T02:31:11.840303Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"fc2189ceca3f269872b11241c83bd692","sha1":"1de454e00b5d297384e6433162f06357304b129e","sha256":"c620d7d45da6fb741a6d1cd7e11a5c653742ed8a6e6291599f7778e77aeeedd6","sha512":"1ba8fa990e8c8d9ee17ffea6e6b3b86f9d03e1e754a64351be49e3ea755058131f5b5831efe822cd82c8297bc804ba74ce0d1c5d6420fb4fd5dd248536da5740","ssdeep":"","tlshash":"37c02281a2700bf000a620d427426c04e48424e2ceb030f31318040cea1308b871c171","size":172,"data":"","first_seen":"2025-09-15T02:31:11.893205Z","last_seen":"2025-09-15T02:31:11.893205Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jxoxkplay.xyz/premiumtv/bizz-streams2u.php?id=18","fqdn":"jxoxkplay.xyz","domain":"jxoxkplay.xyz","tld":"xyz"},"ip":{"addr":"104.21.6.120","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"5a774e3f3f50d990ee426b47a7a5e033","sha1":"9aa8984d60feb823b28791881bf02f3a0e9caf1c","sha256":"b869dcaa9146835641bfdf2eb8f89a7333dfb5b3e3acb61cf77f5bdc1488c281","sha512":"bc13482b39099c513154042ebb239bbd84fae0b144176f3a294fb46cf1734bcf7add238bc70c416bbc3332e8ef6a36236b3570f6c9c8ad65a1aef2b805f1356a","ssdeep":"","tlshash":"0ae026283db7e161012734eb2b3ec0526226c01dad24d78298feca989dd0ff00926dd0","size":332,"data":"","first_seen":"2025-04-16T10:55:46.992611Z","last_seen":"2026-04-09T22:38:46.669862Z","times_seen":474,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"d39bdff3b210d3fd0f4ccbdd5b7c8b48","sha1":"6fc13adc9d5a07556e632eadd1b7defe7a06b378","sha256":"cdb22abe5ea2303bf24e166493036d483ded4da2ba3f636d542dec7d06438da1","sha512":"2bd914ad0d0bfa0f7d6fd73626851daffab44d41e56e8293efc64c58154df6ab3582094b5c97c80897db6f3662901da8260a77b4968370ea2a5ae1c8384cc225","ssdeep":"","tlshash":"57c08084e5655fb014f714c62f061e1de1dd1d978ea420e3530c5405e693587d7991e7","size":172,"data":"","first_seen":"2025-09-15T02:31:11.88852Z","last_seen":"2025-09-15T02:31:11.88852Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pl27200752.revenuecpmgate.com/1f/f0/9b/1ff09b7e889907be3339c33a3eb5f1f1.js","fqdn":"pl27200752.revenuecpmgate.com","domain":"revenuecpmgate.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"be3db27d4e887d6e7bfc3aa4e77f8361","sha1":"bdfff07741d4f42245c07bb93447e16ed6ca45ac","sha256":"545f505199d3913209372d239d4cfa8b4e7d547358af16ee6d7374bd65b49551","sha512":"3b36aeb88d9ad6cda9d2a59f0737ae15bb6f5011cf4780d4adfdd31612e78682b1986c80999a277f4c94a16d617598d87e5956775e0c35dcd76ea59fca985937","ssdeep":"1536:x8FO2Og6h8Z1zbcz7eg3Z+FhVO1TOCo8PkiYYo170BUEtlIJk73I:TD8vCGVIl+R3Etl2","tlshash":"dfb3b7887f80f56c115630b2232fa05af2e91e41a8ccd548f557fde92a2d377b439a78","size":110144,"data":"","first_seen":"2025-09-13T22:45:24.344071Z","last_seen":"2025-09-15T02:31:11.845671Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"5a5a186cd7e1c97869055bd5b3292e65","sha1":"ab6e86169484e8b68d783577cb09ef62fc49dd33","sha256":"919ca290de6e48e250056ae8ead67021549663a895db597a3145aae7f491af6f","sha512":"b75e668d7a53d31aff6d3ac79be228ab1a4020bfb4cc537b344d86e9ce3cc444dc09ae6c206c32ddbe04617e0bc4d8c38c7fddf83c3d657a7067269ebe3bd7e4","ssdeep":"","tlshash":"7a41e879706b39b14723d2b707dbe3986a58c10d0d1a63d1796deb402368d930666f64","size":2043,"data":"","first_seen":"2025-09-15T02:31:11.926083Z","last_seen":"2025-09-15T02:31:11.926083Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"bb3785794fc9e51895362074666a8f25","sha1":"344ca4205286a577582aee803e4966f9980b1633","sha256":"2e3037c9c34d5521af8bc1322daf5c183d5da1526415d51187f3b6dd3328c19d","sha512":"5a966a6b165aef458cee840cce44e245505b9f7a5b63ed86c301ec619eced804276b59e0c502219677fdbbcfcf93de20924bb552e29460974950b2c8c679d9ee","ssdeep":"96:qoz+wSjgyJhHtP2Uj1b9fVIQtviyp/f1/DKCfMEDaH:HzmjbH4U5ZVIQ1iypFbKCkCaH","tlshash":"2ca1283a1d852164052a307f1ab6610c39a1900f7e42ed06fe4cfb005b387e48ebed98","size":4855,"data":"","first_seen":"2025-09-15T02:31:11.92846Z","last_seen":"2025-09-15T02:31:11.92846Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"d39bdff3b210d3fd0f4ccbdd5b7c8b48","sha1":"6fc13adc9d5a07556e632eadd1b7defe7a06b378","sha256":"cdb22abe5ea2303bf24e166493036d483ded4da2ba3f636d542dec7d06438da1","sha512":"2bd914ad0d0bfa0f7d6fd73626851daffab44d41e56e8293efc64c58154df6ab3582094b5c97c80897db6f3662901da8260a77b4968370ea2a5ae1c8384cc225","ssdeep":"","tlshash":"57c08084e5655fb014f714c62f061e1de1dd1d978ea420e3530c5405e693587d7991e7","size":172,"data":"","first_seen":"2025-09-15T02:31:11.88852Z","last_seen":"2025-09-15T02:31:11.88852Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"d39bdff3b210d3fd0f4ccbdd5b7c8b48","sha1":"6fc13adc9d5a07556e632eadd1b7defe7a06b378","sha256":"cdb22abe5ea2303bf24e166493036d483ded4da2ba3f636d542dec7d06438da1","sha512":"2bd914ad0d0bfa0f7d6fd73626851daffab44d41e56e8293efc64c58154df6ab3582094b5c97c80897db6f3662901da8260a77b4968370ea2a5ae1c8384cc225","ssdeep":"","tlshash":"57c08084e5655fb014f714c62f061e1de1dd1d978ea420e3530c5405e693587d7991e7","size":172,"data":"","first_seen":"2025-09-15T02:31:11.88852Z","last_seen":"2025-09-15T02:31:11.88852Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"d39bdff3b210d3fd0f4ccbdd5b7c8b48","sha1":"6fc13adc9d5a07556e632eadd1b7defe7a06b378","sha256":"cdb22abe5ea2303bf24e166493036d483ded4da2ba3f636d542dec7d06438da1","sha512":"2bd914ad0d0bfa0f7d6fd73626851daffab44d41e56e8293efc64c58154df6ab3582094b5c97c80897db6f3662901da8260a77b4968370ea2a5ae1c8384cc225","ssdeep":"","tlshash":"57c08084e5655fb014f714c62f061e1de1dd1d978ea420e3530c5405e693587d7991e7","size":172,"data":"","first_seen":"2025-09-15T02:31:11.88852Z","last_seen":"2025-09-15T02:31:11.88852Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/ac/0a/fc/ac0afcb234395674cf9c884567e539b9.js","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"87f041f2eaa4d7b6ca9095cdbc3c1be0","sha1":"567ca4f5801d55f3606ce92e974bd02fdd1c98c6","sha256":"11ca98e7e06dd3c37e01cea33bc502880bcaa980be296e756501166c2edd8b9e","sha512":"09030dd4995cea123557460d2720ba1a7594a1f1bd18af90fe578d54daed10d09d340df3abcd6dcd298aa19df348be02ae69e04059ee31f4d5939186ed56ae9a","ssdeep":"1536:NxxKuAEEm3pEEim4mOdMJ6mXpH1fPzdsRt:kuAQWRHmUMJ6m5Jwt","tlshash":"b273c8897f50b05cc3da6577322fa40af06a1d42a14cf45ce122e8a4ffaa71df53b958","size":76458,"data":"","first_seen":"2025-09-14T22:05:17.824605Z","last_seen":"2025-09-15T02:31:11.829707Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"d39bdff3b210d3fd0f4ccbdd5b7c8b48","sha1":"6fc13adc9d5a07556e632eadd1b7defe7a06b378","sha256":"cdb22abe5ea2303bf24e166493036d483ded4da2ba3f636d542dec7d06438da1","sha512":"2bd914ad0d0bfa0f7d6fd73626851daffab44d41e56e8293efc64c58154df6ab3582094b5c97c80897db6f3662901da8260a77b4968370ea2a5ae1c8384cc225","ssdeep":"","tlshash":"57c08084e5655fb014f714c62f061e1de1dd1d978ea420e3530c5405e693587d7991e7","size":172,"data":"","first_seen":"2025-09-15T02:31:11.88852Z","last_seen":"2025-09-15T02:31:11.88852Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"acscdn.com/script/aclib.js","fqdn":"acscdn.com","domain":"acscdn.com","tld":"com"},"ip":{"addr":"104.18.17.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"da82194a183686cf8d7399280ca1a82a","sha1":"a17b2662e49c8d8e47701735ef1e6acf9f5fff07","sha256":"3cb42a90fd07560b095613a310becac597581e2f0b9ab54dde764802be0609cc","sha512":"92e73fcf130ed28ede95ad1f78b28264b1a152b7a07e836a858d116639d7e3b0429449e833d56f5b5582a6ba35965f3be796ace256b9eea649a0ca2f8edfb69d","ssdeep":"3072:G068+RhI8FvQeXO0AFQM4MmMnTQXvS1kKeq/h:B6phN1DF/SW4h","tlshash":"5ee3e849bad2b0f867e261e4942f9646e1371624740e98d5f6fac5d1a879ecf0033e3c","size":146805,"data":"","first_seen":"2025-09-11T10:47:57.345998Z","last_seen":"2025-10-21T05:38:51.00741Z","times_seen":595,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/disable-devtool@latest/disable-devtool.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"be2d0eed5eded93d8440b1dae0f30960","sha1":"36e7177a4932c42e56d3e3f7b0580e4c88df96d5","sha256":"8368de6b02128e66831895a77f280482d7ed841a61c42d2304966f12a4efd46d","sha512":"185f6d9ce439ce4ddf557c13303790f74031c221e1578c98aee9a8b10e5ee6cca66c207b04686510faa128ccf19ea5f3c71d3494157709f5a7e984079c6c1ad7","ssdeep":"","tlshash":"8b110209b920b49661ab53fe811f000fb33098b7d89d58e057244cf59ef10ad05d7f0d","size":1000,"data":"","first_seen":"2025-08-02T17:09:38.072547Z","last_seen":"2026-04-10T16:55:30.109045Z","times_seen":521,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"skinnycrawlinglax.com/watch.1556974190505.js?key=53e378cfb27847b2216676ba795c0d37\u0026kw=%5B%5D\u0026refer=https%3A%2F%2Fziggo-gratis.com%2Froja12-9%2Fs18.php\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=288fc4f6-bc40-4306-87b8-9a3d7cbff99e%3A2%3A1","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:43.416Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /watch.1556974190505.js?key=53e378cfb27847b2216676ba795c0d37\u0026kw=%5B%5D\u0026refer=https%3A%2F%2Fziggo-gratis.com%2Froja12-9%2Fs18.php\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=288fc4f6-bc40-4306-87b8-9a3d7cbff99e%3A2%3A1 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://ziggo-gratis.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Mon, 15 Sep 2025 02:30:43 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://ziggo-gratis.com\r\nAccess-Control-Allow-Credentials: true\r\nLocation: https://skinnycrawlinglax.com/watch.1556974190505.js?dev=e\u0026key=53e378cfb27847b2216676ba795c0d37\u0026kw=%5B%5D\u0026pst=1757903503\u0026rb=\u0026refer=https%3A%2F%2Fziggo-gratis.com%2Froja12-9%2Fs18.php\u0026res=14.3095\u0026rmtc=t\u0026shu=b9e1863529bb0028c3bf8bf75e717fe2a7aae4bb25274c57736197f239cad15922e35dd15db31b229c5dba1ead28ae97c9cc37b31b82c6afc64c0e27c22194231cb1ee90e864862420abfbe7ca33eaa59c80cecc8fe37be03a6033\u0026tz=0\u0026uuid=288fc4f6-bc40-4306-87b8-9a3d7cbff99e%3A2%3A1\r\nSet-Cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNzEwMDI0NCwiayI6IjUzZTM3OGNmYjI3ODQ3YjIyMTY2NzZiYTc5NWMwZDM3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo1MTE4ODkwLCJwaWQiOjI3MTU1ODgsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTksImFpZCI6MjMsInB0Ijo0LCJwayI6InhuMmV4enF2aCIsImNwa3MiOnsiMjgiOiI3NjgyZDZiZGYwMmNhZTFmMTU0NWI1Nzk5NDM5MTdiMCIsIjI5IjoiYWMwYWZjYjIzNDM5NTY3NGNmOWM4ODQ1NjdlNTM5YjkifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3ppZ2dvLWdyYXRpcy5jb20vcm9qYTEyLTkvczE4LnBocCIsImFyIjpbXX19.55MSBUywjO8ZW081tc0TGXESGhmAX6USlcaHkvIZDsY; expires=Mon, 15 Sep 2025 02:31:43 GMT; path=/; secure; SameSite=None\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 7a6362d213b12e6c46e9d890d0a98d4f\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4880,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T12:55:49.320816Z","times_seen":13621212,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/8d/07/7a/8d077a03bf40c94dc34ac4b8af9a446c/1756656412.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:44.946Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/8d/07/7a/8d077a03bf40c94dc34ac4b8af9a446c/1756656412.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 15 Sep 2025 02:30:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 77354\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:06:52 GMT\r\netag: \"68b4731c-12e2a\"\r\nexpires: Wed, 17 Sep 2025 02:30:45 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: ah0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":77354,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:29 18:18:22], progressive, precision 8, 300x250, components 3","md5":"e4267b78fbfd9ec2cb935ff9d689393f","sha1":"80ad53e77eff7c9e2e2ec2aa782e2406bc133c72","sha256":"16b434f519fdf956da056ae83d2a8847179c3fccc2a88d1e80d886cec82ba164","sha512":"58faf0e02cf388518ee515a9b1ff2d3ec1dc9d048d4ca2b0c95ec3f66c7966f2151a8839e367b58d3b70fde29bbfaf2add06de0ad8ae2561556b1770d9f0f1cc","ssdeep":"1536:GB6pzB6p2ZYp69CExL6kGcjhulQrdcP8VXW4I+USZjGM5ndwRmxvD:GB6tB6GYp63Zjhlr71Wv/SdGuiM","tlshash":"8f73e03ffbe5af41f5d092b9bce2c243729eaf805a232b957d1c62097752190ad0d11b","first_seen":"2025-09-02T18:53:07.782432Z","last_seen":"2026-04-11T13:09:32.844974Z","times_seen":1000,"resource_available":false,"data":null}},"time_used":252,"timings":{"blocked":72,"dns":0,"connect":21,"send":0,"wait":77,"receive":31,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"acscdn.com/script/aclib.js","fqdn":"acscdn.com","domain":"acscdn.com","tld":"com"},"ip":{"addr":"104.18.17.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:41.559Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"acscdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 21:39:20 GMT","end":"Sun, 07 Dec 2025 22:39:07 GMT"},"fingerprint":{"sha1":"97:5E:85:70:5C:6F:7D:F5:DB:22:A2:2D:88:C5:E3:69:E8:15:5A:F4","sha256":"AE:9E:71:84:C0:24:A8:E6:55:FE:84:6C:3B:AA:4F:74:9F:76:47:83:B6:3D:D6:4D:0A:0A:74:54:1D:14:B3:EE"}}},"request":{"raw":"GET /script/aclib.js HTTP/1.1\r\nHost: acscdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 15 Sep 2025 02:30:41 GMT\r\ncontent-type: text/javascript\r\ncontent-encoding: gzip\r\nx-guploader-uploadid: ABgVH8-nZlZQUeYALtJGazOSSFGC7E3IAH1BXWj-jf7a2EYo8eDoNcNSA1H4RfCh_AiUhmpk\r\nexpires: Mon, 15 Sep 2025 03:30:41 GMT\r\ncache-control: public, max-age=3600\r\nlast-modified: Thu, 11 Sep 2025 07:25:42 GMT\r\netag: W/\"da82194a183686cf8d7399280ca1a82a\"\r\nx-goog-generation: 1757575542484354\r\nx-goog-metageneration: 2\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 146805\r\nx-goog-hash: crc32c=awnbLw==, md5=2oIZShg2hs+Nc5koDKGoKg==\r\nx-goog-storage-class: MULTI_REGIONAL\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 1780\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 97f4b41dda97dfec-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":146805,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65499), with no line terminators","md5":"da82194a183686cf8d7399280ca1a82a","sha1":"a17b2662e49c8d8e47701735ef1e6acf9f5fff07","sha256":"3cb42a90fd07560b095613a310becac597581e2f0b9ab54dde764802be0609cc","sha512":"92e73fcf130ed28ede95ad1f78b28264b1a152b7a07e836a858d116639d7e3b0429449e833d56f5b5582a6ba35965f3be796ace256b9eea649a0ca2f8edfb69d","ssdeep":"3072:G068+RhI8FvQeXO0AFQM4MmMnTQXvS1kKeq/h:B6phN1DF/SW4h","tlshash":"5ee3e849bad2b0f867e261e4942f9646e1371624740e98d5f6fac5d1a879ecf0033e3c","first_seen":"2025-09-11T10:47:57.345998Z","last_seen":"2025-10-21T05:38:51.00741Z","times_seen":595,"resource_available":true,"data":null}},"time_used":46,"timings":{"blocked":15,"dns":4,"connect":1,"send":0,"wait":9,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/gid.js?userId=0082456a8c1a49ffef7a8ad5c182f3f2","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"104.18.41.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:42.048Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"my.rtmark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 28 Aug 2025 13:14:02 GMT","end":"Wed, 26 Nov 2025 14:13:48 GMT"},"fingerprint":{"sha1":"7A:B2:21:7F:72:E3:39:3E:95:5D:FB:ED:BB:1C:7E:88:C4:7A:B1:B3","sha256":"FB:1D:6D:AF:DA:57:8D:9A:8B:B2:CC:FF:A2:55:C8:F3:71:3D:49:77:06:FC:4D:6F:16:91:61:6F:89:1C:A3:CB"}}},"request":{"raw":"GET /gid.js?userId=0082456a8c1a49ffef7a8ad5c182f3f2 HTTP/1.1\r\nHost: my.rtmark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://ziggo-gratis.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 15 Sep 2025 02:30:42 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: https://ziggo-gratis.com\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\naccess-control-allow-credentials: true\r\nset-cookie: ID=0082456a8c1a49ffef7a8ad5c182f3f2; expires=Tue, 15 Sep 2026 02:30:42 GMT; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncf-ray: 97f4b420fe9b21fe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":65,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"f8315a7759f73b0962f18c28f48a6ead","sha1":"5c1be7bc3dfa56716d1e73a98470e0bce61ba0ad","sha256":"e3a0eb6c54197d1a6d5c1571f6a8f750214aea4896f1e756a565cc0eeb264aea","sha512":"ebb54577dbe9c60ac048a183da3230c72a3d0a5f1ae1acecedb97f515a4efc5bb641f3c6f51061c3e09cd43b93fab597e41e5ed508f664050ced251f481210fd","ssdeep":"","tlshash":"6fa002c10a2865a50071175d5fdbd701141629a364149b0a91d9995321c636e4d45298","first_seen":"2025-09-15T02:31:11.799323Z","last_seen":"2025-09-15T02:31:11.799323Z","times_seen":1,"resource_available":false,"data":null}},"time_used":82,"timings":{"blocked":25,"dns":0,"connect":1,"send":0,"wait":31,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.6.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jxoxkplay.xyz/premiumtv/bizz-streams2u.php?id=18","date":"2025-09-15T02:30:43.140Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /jquery-3.6.0.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jxoxkplay.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-15d9d\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Mon, 15 Sep 2025 02:30:43 GMT\r\nage: 2296484\r\nx-served-by: cache-lga21931-LGA, cache-hel1410029-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 71, 702392\r\nx-timer: S1757903443.188407,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 30875\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":89501,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-04-11T12:55:12.289575Z","times_seen":448293,"resource_available":true,"data":null}},"time_used":115,"timings":{"blocked":43,"dns":0,"connect":16,"send":0,"wait":16,"receive":7,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jxoxkplay.xyz/premiumtv/bizz-streams2u.php?id=18","date":"2025-09-15T02:30:43.160Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/clappr@latest/dist/clappr.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jxoxkplay.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 15 Sep 2025 02:30:43 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 141008\r\ncf-ray: 97f4b4284b9b56bb-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 0.3.13\r\nx-jsd-version-type: version\r\netag: W/\"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk\"\r\ncontent-encoding: br\r\nx-served-by: cache-fra-eddf8230028-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 2880\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=CLvwyo4McvgXuYjoRrVMETq4F7q%2FA4c%2BQKfmnlwcWtW%2Fid7gspld1L95MdNrH16%2BowVKtggedCBLb26r8q0pDHJywniSSoBa2QoNyeXTTGPE2N4nJB6XT6fQyvdovEFQhxY%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":525081,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"f55c6c796275a41ce7d97bd160e648ff","sha1":"936285f9c8c85a749a1ef8cfc4d5e84b7ea2bc89","sha256":"db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c","sha512":"3b01da86fa5b757041d7c03a186faad290c34f12fea78cc5ec53e4396491b16393c03e794bbead5a726f21c49f80894824eb65a87122c68a22cb2043ec6eda0e","ssdeep":"6144:q2ffwZI3wKqMSxeUKn5+q4Qc7vije4RDgv7VTG:qSoKqM9Upbz6R","tlshash":"c5b41b9876e5b0654393a0b8503f020b723bad6e7005a1ecf76de9e95db884d6037f78","first_seen":"2023-03-07T01:14:45Z","last_seen":"2026-04-11T11:30:05.112445Z","times_seen":2318,"resource_available":true,"data":null}},"time_used":191,"timings":{"blocked":83,"dns":3,"connect":5,"send":0,"wait":10,"receive":6,"ssl":82},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jxoxkplay.xyz/blast.js","fqdn":"jxoxkplay.xyz","domain":"jxoxkplay.xyz","tld":"xyz"},"ip":{"addr":"104.21.6.120","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jxoxkplay.xyz/premiumtv/bizz-streams2u.php?id=18","date":"2025-09-15T02:30:43.349Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jxoxkplay.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 11 Aug 2025 18:24:49 GMT","end":"Sun, 09 Nov 2025 19:21:25 GMT"},"fingerprint":{"sha1":"F9:C9:6D:AE:27:E4:51:15:EB:CE:17:8D:87:A8:7A:36:1C:46:F3:42","sha256":"90:CC:17:79:CA:44:5D:24:3F:E9:35:D2:27:2D:DE:C4:40:75:68:37:45:8C:A8:06:D7:48:D4:2D:1E:ED:0E:2E"}}},"request":{"raw":"GET /blast.js HTTP/1.1\r\nHost: jxoxkplay.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jxoxkplay.xyz/premiumtv/bizz-streams2u.php?id=18\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 15 Sep 2025 02:30:43 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Thu, 17 Oct 2024 06:47:40 GMT\r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MROwmaEPbBsEqihxRnecxDqcpkwzdhaJE8wqsopizSHvGtFuTqUfOFKK0bLbRXgbgP0x8EwdkTar9VsaNLvCxqVtsFeIrHQWUrYt\"}]}\r\naccess-control-allow-origin: *\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 4795\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\netag: W/\"6710b30c-13040\"\r\ncf-ray: 97f4b428e94d5699-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":77888,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"091faec928970e76d37a3601c19fcf8a","sha1":"6441e8eebe90eb8d4a40e7c25440ff99caba3520","sha256":"eb06375118b1eb73f43b8f1851472008f84999a1b27359c075bf5da6feef9a12","sha512":"0065b4e5167b85abb85d4af6be22853d1ea16e9c0d5420173f356dd7a980374487405d8561a4a5df32dd68d2956af6c7a3f099776994e2cf6a3b0eb8df1c3277","ssdeep":"1536:HnyiwA6dLK4I7T8IVCJ0Xiyu/lpvd7TN8+Prp2s:HnyiwFLzI7AeSymrpTNZrpN","tlshash":"16732ec177d5bc8212872b77731bb1e6e82a9dd87188488ef104bc90f4bda12fae4575","first_seen":"2023-03-08T14:53:38Z","last_seen":"2026-04-09T22:38:46.561491Z","times_seen":1576,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"madurird.com/wrr?z=9590470\u0026p_rid=0b8d16a1-d699-48b9-9edb-e0f3a0b73c1d\u0026rb=b0TYegJI2ECFMe9eJ-2EtJynjI3VoD07wcJoc17lihMDoUq3QUgd3PlLnnpNNlu3GMf4_Yc6Aq-jU4HTj-AU6ja_21tm8J7OvBjDEFX604iG83oTbNoboS_U1ysBBbKwQHcP9DSfyG7KPravsIMZJxfx9k-FNvOIKhnO7Ly1h-Iy1GqBfkLqjp81bKpvX3awtsE6aQIX2fvDUswP8puRILwNCBUXNBFkNVFrFjjBRwruZPSBUUqVLH3LG_NNi_djd_O_hRl6dYKCL6PU\u0026dmn=madurird.com\u0026userId=0082456a8c1a49ffef7a8ad5c182f3f2","fqdn":"madurird.com","domain":"madurird.com","tld":"com"},"ip":{"addr":"172.64.146.197","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:43.110Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"madurird.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 Aug 2025 14:40:28 GMT","end":"Mon, 24 Nov 2025 15:40:23 GMT"},"fingerprint":{"sha1":"A0:04:22:68:B6:F0:81:A9:F5:24:A6:69:28:D0:11:71:F2:D4:85:3B","sha256":"F6:0B:C7:A3:4C:5D:DC:DE:48:21:EE:64:01:46:41:28:38:C8:B4:40:E4:7A:47:06:40:98:E5:25:73:7F:7F:CC"}}},"request":{"raw":"OPTIONS /wrr?z=9590470\u0026p_rid=0b8d16a1-d699-48b9-9edb-e0f3a0b73c1d\u0026rb=b0TYegJI2ECFMe9eJ-2EtJynjI3VoD07wcJoc17lihMDoUq3QUgd3PlLnnpNNlu3GMf4_Yc6Aq-jU4HTj-AU6ja_21tm8J7OvBjDEFX604iG83oTbNoboS_U1ysBBbKwQHcP9DSfyG7KPravsIMZJxfx9k-FNvOIKhnO7Ly1h-Iy1GqBfkLqjp81bKpvX3awtsE6aQIX2fvDUswP8puRILwNCBUXNBFkNVFrFjjBRwruZPSBUUqVLH3LG_NNi_djd_O_hRl6dYKCL6PU\u0026dmn=madurird.com\u0026userId=0082456a8c1a49ffef7a8ad5c182f3f2 HTTP/1.1\r\nHost: madurird.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://ziggo-gratis.com/\r\nOrigin: https://ziggo-gratis.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 204 No Content\r\ndate: Mon, 15 Sep 2025 02:30:43 GMT\r\ncf-ray: 97f4b4277ac78be6-OSL\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: https://ziggo-gratis.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *, *\r\npragma: no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T12:55:49.320816Z","times_seen":13621212,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zhkj61k3oc.amazonaws.com/hls/4k/segment_738.ts?token=ebcx9nqzlr4\u0026ts=1757903443308","fqdn":"zhkj61k3oc.amazonaws.com","domain":"zhkj61k3oc.amazonaws.com","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://jxoxkplay.xyz/premiumtv/bizz-streams2u.php?id=18","date":"2025-09-15T02:30:43.359Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /hls/4k/segment_738.ts?token=ebcx9nqzlr4\u0026ts=1757903443308 HTTP/1.1\r\nHost: zhkj61k3oc.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://jxoxkplay.xyz/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T12:55:49.320816Z","times_seen":13621212,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-15","alert":"Sinkholed","trigger":"zhkj61k3oc.amazonaws.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/impr.gif?sid=H4sIAAAAAAAC_1RTz4scRRSu3gQPehCN6CGXOXgw4s5WV_VPcxBjjATjJiSRHMRD_Zwtt6erreqe3swpGJEgCHPUg9D7ZpPFGCVevCkyG_AQEBwv7iF78S8QIWeZzeKu7_De-_p7XXyv-OqzzWYPUWjY7qX37NgUBVuJ-7j3yjVTStv63urVXoj7-HTvmimT6HRvY5Hc6PWQRn18qveOEut2heAQ4xCHvXPGKW03VvZZMNW9POznuB-RfhhHsOH-j30TgGcByNEeeh6MnD_7l_4AjJhBObx_Vvn12lavvT1sClZbByO5_X65Xtq2hOFhq10Autw-mAbr5wh9uQS23D7YAOxoa7EBcDNHSy8-Al5uH8gEPrr9RCkvQJXA5TPQjmagih0wbAbC3gQjf0cAQsLqRSiHd1ata9n1JyxbsHN0_PE_YNo5Ov7oBSiH358pzEbvii2a2tjSw4buwGzMwAxmUDU7UI-XwLQ7IOpPwMjf0MrjC1AOty76woKRuy-TLNMi0skyFxFejihOlrOUZ8s5ozIVXOs8V_tXZPQMmF-CxgfQmAAaHUBTBTCUu70IZ5EIGU10LkWKIxZFUnGcZwRjlosUGrHQPoG6moAoJiDcDajcDVg3E3DNL-DXdn_kuQqzhMYk5xxjkgnKdcZ1Gqs0TLUiLGVMRZyTmKSRiNOUJmGeakJzwWQY54QoGksZxpLTkBOSi1hyFiomScZUnopcCJouuIyIhGmRRAIrkgpCwjwiNBQ8VCrHKkuiLCERwYxrrlLBKFWMxbnIsFBCZFrRlCtMWYIpBS8D8DWCkeygVQhaj6BlCFqDoK0RtKPutiw88d0dWfiGhweVHFTaTW092GS3bT1QJQLmJuBkt2Wqj_1NEPWx6Vh7ObWLxHjdTRmX3Wa1h55buCH4-tOrsK52ezFVNM2E5iTNopQTEiZJmnCW5rHAkqbgTQfGLwHzAYzNHK2evAuVmaNT9gFwtgO-2AFhTgBrXgLWTlOSAVuDHMO4vD82g4FdHjhWG98XdgjSdlDVx6G-HmwWe-jkvjE__PMLUOIhOggQroPKdfCReYBgUNyaXrYt2rpsW49-uFjVZmjGbGHaKzWr1VN331XXW-vk-bN-8s2bYkEs2ntXla8vsFKacuDRt2eMlMqds04o9NN5f03xS41fO9O4sqkuXHrr3Plh5ZT3xpYzYGaOnv77cxBmjk78_NX-g4xf_Q6Mm4FrOhg2R7RWN8BXh9hbBK44xLxC0Dbd1BH-38ep4_pwojAICnWIGe_AH8FcHfmRLY5iptv0t2DgAmD1TSiHHYxcB6OiA1ZMwDfHpnXlHr7xB90P4EUw5YVDW7xwC97s9jRVRGCcpUlIM61CGkmh4yzKZcIwpQpqP1_7dXzl3wAAAP__-EWPtHYFAAA=","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:44.892Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTz4scRRSu3gQPehCN6CGXOXgw4s5WV_VPcxBjjATjJiSRHMRD_Zwtt6erreqe3swpGJEgCHPUg9D7ZpPFGCVevCkyG_AQEBwv7iF78S8QIWeZzeKu7_De-_p7XXyv-OqzzWYPUWjY7qX37NgUBVuJ-7j3yjVTStv63urVXoj7-HTvmimT6HRvY5Hc6PWQRn18qveOEut2heAQ4xCHvXPGKW03VvZZMNW9POznuB-RfhhHsOH-j30TgGcByNEeeh6MnD_7l_4AjJhBObx_Vvn12lavvT1sClZbByO5_X65Xtq2hOFhq10Autw-mAbr5wh9uQS23D7YAOxoa7EBcDNHSy8-Al5uH8gEPrr9RCkvQJXA5TPQjmagih0wbAbC3gQjf0cAQsLqRSiHd1ata9n1JyxbsHN0_PE_YNo5Ov7oBSiH358pzEbvii2a2tjSw4buwGzMwAxmUDU7UI-XwLQ7IOpPwMjf0MrjC1AOty76woKRuy-TLNMi0skyFxFejihOlrOUZ8s5ozIVXOs8V_tXZPQMmF-CxgfQmAAaHUBTBTCUu70IZ5EIGU10LkWKIxZFUnGcZwRjlosUGrHQPoG6moAoJiDcDajcDVg3E3DNL-DXdn_kuQqzhMYk5xxjkgnKdcZ1Gqs0TLUiLGVMRZyTmKSRiNOUJmGeakJzwWQY54QoGksZxpLTkBOSi1hyFiomScZUnopcCJouuIyIhGmRRAIrkgpCwjwiNBQ8VCrHKkuiLCERwYxrrlLBKFWMxbnIsFBCZFrRlCtMWYIpBS8D8DWCkeygVQhaj6BlCFqDoK0RtKPutiw88d0dWfiGhweVHFTaTW092GS3bT1QJQLmJuBkt2Wqj_1NEPWx6Vh7ObWLxHjdTRmX3Wa1h55buCH4-tOrsK52ezFVNM2E5iTNopQTEiZJmnCW5rHAkqbgTQfGLwHzAYzNHK2evAuVmaNT9gFwtgO-2AFhTgBrXgLWTlOSAVuDHMO4vD82g4FdHjhWG98XdgjSdlDVx6G-HmwWe-jkvjE__PMLUOIhOggQroPKdfCReYBgUNyaXrYt2rpsW49-uFjVZmjGbGHaKzWr1VN331XXW-vk-bN-8s2bYkEs2ntXla8vsFKacuDRt2eMlMqds04o9NN5f03xS41fO9O4sqkuXHrr3Plh5ZT3xpYzYGaOnv77cxBmjk78_NX-g4xf_Q6Mm4FrOhg2R7RWN8BXh9hbBK44xLxC0Dbd1BH-38ep4_pwojAICnWIGe_AH8FcHfmRLY5iptv0t2DgAmD1TSiHHYxcB6OiA1ZMwDfHpnXlHr7xB90P4EUw5YVDW7xwC97s9jRVRGCcpUlIM61CGkmh4yzKZcIwpQpqP1_7dXzl3wAAAP__-EWPtHYFAAA= HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNzEwMDI0NCwiayI6IjUzZTM3OGNmYjI3ODQ3YjIyMTY2NzZiYTc5NWMwZDM3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo1MTE4ODkwLCJwaWQiOjI3MTU1ODgsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTksImFpZCI6MjMsInB0Ijo0LCJwayI6InhuMmV4enF2aCIsImNwa3MiOnsiMjgiOiI3NjgyZDZiZGYwMmNhZTFmMTU0NWI1Nzk5NDM5MTdiMCIsIjI5IjoiYWMwYWZjYjIzNDM5NTY3NGNmOWM4ODQ1NjdlNTM5YjkifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3ppZ2dvLWdyYXRpcy5jb20vcm9qYTEyLTkvczE4LnBocCIsImFyIjpbXX19.55MSBUywjO8ZW081tc0TGXESGhmAX6USlcaHkvIZDsY; uid_id2=288fc4f6-bc40-4306-87b8-9a3d7cbff99e:2:1; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1; u_pl27100244=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 15 Sep 2025 02:30:44 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 96865620d43b534db726ff061bb690de\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T12:55:49.320816Z","times_seen":13621212,"resource_available":true,"data":null}},"time_used":105,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fcenter_banner%2F2%2Fcss%2Fstyle.css\u0026l=4256\u0026fd=88","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:45.975Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fcenter_banner%2F2%2Fcss%2Fstyle.css\u0026l=4256\u0026fd=88 HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nCookie: uid_id2=b080c0e7-add6-41d9-980d-36892e957e98:3:2; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27410430=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 15 Sep 2025 02:30:46 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T12:55:49.320816Z","times_seen":13621212,"resource_available":true,"data":null}},"time_used":719,"timings":{"blocked":304,"dns":1,"connect":93,"send":0,"wait":104,"receive":0,"ssl":213},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"18.197.252.180","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:42.250Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://ziggo-gratis.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 15 Sep 2025 02:30:42 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://ziggo-gratis.com\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=a9f2b86e-2607-4050-8224-7710c2f4e789:1:1; expires=Thu, 13 Sep 2035 02:30:42 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"61eb508d56c722e740aa2b40ed68cd0e","sha1":"425218787317f927d7f3a335b2aa1ee504f6d3e8","sha256":"db70d961a0fb0b700bacd1a52139aa8c68fee7533d5a275d116d8a79035869e8","sha512":"7e72be991e17007831387ffa1076f629ae8968dbfd394bd0968dd6883d7d7d470f7c55c8a0214d14f059a0667f8b0942e8a56f696328c663105ee001f259e414","ssdeep":"","tlshash":"34900400413705d1134515d00507f44043444570400c041f5070c7515d10051c0173d0","first_seen":"2025-09-15T02:31:11.805645Z","last_seen":"2025-09-15T02:31:11.805645Z","times_seen":1,"resource_available":false,"data":null}},"time_used":158,"timings":{"blocked":-1,"dns":1,"connect":24,"send":0,"wait":21,"receive":0,"ssl":113},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sootoarathus.net/web/files/300x250/10.png","fqdn":"sootoarathus.net","domain":"sootoarathus.net","tld":"net"},"ip":{"addr":"104.21.93.150","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:42.524Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sootoarathus.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 Aug 2025 04:22:53 GMT","end":"Fri, 28 Nov 2025 05:19:46 GMT"},"fingerprint":{"sha1":"25:85:9E:54:1F:4E:FF:0A:E7:8B:A6:AC:2A:8C:F9:5D:38:B6:39:9F","sha256":"11:FA:6B:9B:74:B9:E6:E1:5B:C7:8A:C4:25:17:1C:76:E5:67:DA:8D:B4:6E:97:FC:2E:5D:D6:8A:F7:0B:82:0A"}}},"request":{"raw":"GET /web/files/300x250/10.png HTTP/1.1\r\nHost: sootoarathus.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 15 Sep 2025 02:30:42 GMT\r\ncontent-type: image/png\r\ncontent-length: 69586\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Tue, 30 Apr 2024 13:05:37 GMT\r\netag: \"564b01a4940c02f982e1a05b8025f8f4\"\r\nexpires: Mon, 15 Sep 2025 13:19:09 GMT\r\ncache-control: max-age=86400\r\ntiming-allow-origin: *\r\nage: 47493\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=b4nXx4YQB%2F9fCrHvqo5f%2Bx%2F0B1s%2B2B575JmW3eIK6IqyOiFXCK0nAfguu2nG0e04x%2F9lJTZKsbDLYL%2BW8JbaaXnfsk80yxZyd403Ycz%2BdBU%3D\"}]}\r\nvary: accept-encoding\r\ncf-ray: 97f4b423ccde1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":69586,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced","md5":"564b01a4940c02f982e1a05b8025f8f4","sha1":"612dcb04382de811b6f68dd8d60aba0fbb9c807f","sha256":"26791209aa05758ad2a7b76d60c837669c203228220433563a72b636282c8be2","sha512":"20c29254d09a148d0c02ec61dc495657093e3ca2f072fe4dbe8a40c1293f9f1fa08f7ec511e40058a670f89636e9fccab1575220123e511783fa679478de7c36","ssdeep":"1536:Z8V9jxCEKPRJtE55LG8BBoni+O9nR3vU1vuuPOrS:KlSji5LGQunvssjL","tlshash":"c063025ca48af5c3c1fb35ffb9098ba967ed4f57bc42abc426c4074e0ad36446629022","first_seen":"2024-06-03T19:43:37Z","last_seen":"2026-04-10T00:09:26.533173Z","times_seen":43,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qtnhu20mg2.amazonaws.com/hls/4k/segment_4808.ts?token=r7uv4u44e1k\u0026ts=1757903443344","fqdn":"qtnhu20mg2.amazonaws.com","domain":"qtnhu20mg2.amazonaws.com","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://jxoxkplay.xyz/premiumtv/bizz-streams2u.php?id=18","date":"2025-09-15T02:30:43.398Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /hls/4k/segment_4808.ts?token=r7uv4u44e1k\u0026ts=1757903443344 HTTP/1.1\r\nHost: qtnhu20mg2.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://jxoxkplay.xyz/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T12:55:49.320816Z","times_seen":13621212,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-15","alert":"Sinkholed","trigger":"qtnhu20mg2.amazonaws.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/gid.js","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"104.18.41.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://jxoxkplay.xyz/premiumtv/bizz-streams2u.php?id=18","date":"2025-09-15T02:30:43.405Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"my.rtmark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 28 Aug 2025 13:14:02 GMT","end":"Wed, 26 Nov 2025 14:13:48 GMT"},"fingerprint":{"sha1":"7A:B2:21:7F:72:E3:39:3E:95:5D:FB:ED:BB:1C:7E:88:C4:7A:B1:B3","sha256":"FB:1D:6D:AF:DA:57:8D:9A:8B:B2:CC:FF:A2:55:C8:F3:71:3D:49:77:06:FC:4D:6F:16:91:61:6F:89:1C:A3:CB"}}},"request":{"raw":"GET /gid.js HTTP/1.1\r\nHost: my.rtmark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://jxoxkplay.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jxoxkplay.xyz/\r\nCookie: ID=0082456a8c1a49ffef7a8ad5c182f3f2\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 15 Sep 2025 02:30:43 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: https://jxoxkplay.xyz\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\naccess-control-allow-credentials: true\r\nset-cookie: ID=0082456a8c1a49ffef7a8ad5c182f3f2; expires=Tue, 15 Sep 2026 02:30:43 GMT; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 97f4b4293d39712d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":65,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"f8315a7759f73b0962f18c28f48a6ead","sha1":"5c1be7bc3dfa56716d1e73a98470e0bce61ba0ad","sha256":"e3a0eb6c54197d1a6d5c1571f6a8f750214aea4896f1e756a565cc0eeb264aea","sha512":"ebb54577dbe9c60ac048a183da3230c72a3d0a5f1ae1acecedb97f515a4efc5bb641f3c6f51061c3e09cd43b93fab597e41e5ed508f664050ced251f481210fd","ssdeep":"","tlshash":"6fa002c10a2865a50071175d5fdbd701141629a364149b0a91d9995321c636e4d45298","first_seen":"2025-09-15T02:31:11.799323Z","last_seen":"2025-09-15T02:31:11.799323Z","times_seen":1,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"amt3.com/5/9590458/?oo=1\u0026js_build=iclick-v1.1570.0\u0026userId=0082456a8c1a49ffef7a8ad5c182f3f2\u0026dmn=bvtpk.com\u0026tt=2\u0026ix=0","fqdn":"amt3.com","domain":"amt3.com","tld":"com"},"ip":{"addr":"139.45.195.9","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:44.733Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"amt3.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Fri, 11 Jul 2025 05:21:33 GMT","end":"Thu, 09 Oct 2025 05:21:32 GMT"},"fingerprint":{"sha1":"4F:52:B5:E1:62:6B:8E:6A:12:14:9C:87:72:1B:0C:49:B6:1B:B3:DD","sha256":"60:A1:B7:F3:D5:3A:87:F3:6A:F6:90:C5:70:D6:FD:50:C1:44:A8:9F:C9:62:EA:57:E1:E2:29:B4:19:91:E9:F5"}}},"request":{"raw":"POST /5/9590458/?oo=1\u0026js_build=iclick-v1.1570.0\u0026userId=0082456a8c1a49ffef7a8ad5c182f3f2\u0026dmn=bvtpk.com\u0026tt=2\u0026ix=0 HTTP/1.1\r\nHost: amt3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 2609\r\nOrigin: https://ziggo-gratis.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx\r\ndate: Mon, 15 Sep 2025 02:30:44 GMT\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: https://ziggo-gratis.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\npragma: no-cache, no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T12:55:49.320816Z","times_seen":13621212,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aie2jr5kc3.amazonaws.com/hls/4k/playlist.m3u8?token=t8g4b3rj96j\u0026v=1757903443360","fqdn":"aie2jr5kc3.amazonaws.com","domain":"aie2jr5kc3.amazonaws.com","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://jxoxkplay.xyz/premiumtv/bizz-streams2u.php?id=18","date":"2025-09-15T02:30:43.433Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /hls/4k/playlist.m3u8?token=t8g4b3rj96j\u0026v=1757903443360 HTTP/1.1\r\nHost: aie2jr5kc3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://jxoxkplay.xyz/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T12:55:49.320816Z","times_seen":13621212,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-15","alert":"Sinkholed","trigger":"aie2jr5kc3.amazonaws.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=b080c0e7-add6-41d9-980d-36892e957e98\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=ac0afcb234395674cf9c884567e539b9\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=2","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:45.031Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 21:53:17 GMT","end":"Fri, 28 Nov 2025 21:53:16 GMT"},"fingerprint":{"sha1":"AA:2A:FC:C2:EE:01:8F:55:3F:19:46:84:4A:C8:A0:95:62:50:5C:A3","sha256":"3D:8C:1A:2E:1F:32:30:D4:D8:4F:D2:FB:CC:99:F1:9C:05:E5:7B:D8:9D:7D:24:86:AD:C5:1E:62:55:44:A4:CA"}}},"request":{"raw":"GET /pxf.gif?uuid=b080c0e7-add6-41d9-980d-36892e957e98\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=ac0afcb234395674cf9c884567e539b9\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=2 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 15 Sep 2025 02:30:45 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: af6b198bb057efb56c20b64397476f92\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T12:55:49.320816Z","times_seen":13621212,"resource_available":true,"data":null}},"time_used":659,"timings":{"blocked":277,"dns":1,"connect":100,"send":0,"wait":93,"receive":0,"ssl":185},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aqle3.com/btag.min.js","fqdn":"aqle3.com","domain":"aqle3.com","tld":"com"},"ip":{"addr":"139.45.197.247","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:42.203Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aqle3.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 Aug 2025 05:14:40 GMT","end":"Fri, 31 Oct 2025 05:14:39 GMT"},"fingerprint":{"sha1":"B5:AF:31:69:6A:17:9F:07:AB:25:8D:39:30:58:25:73:03:BA:1C:5C","sha256":"4C:E8:A7:A1:D3:5F:96:81:0B:BA:76:E1:51:5D:37:28:95:43:CA:8A:9B:79:C9:D9:5C:85:67:80:87:A9:E9:84"}}},"request":{"raw":"GET /btag.min.js HTTP/1.1\r\nHost: aqle3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 15 Sep 2025 02:30:42 GMT\r\ncontent-type: application/javascript\r\nx-trace-id: 9332763af1d74822ddb5bb60661ef1ac\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\npragma: no-cache\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *, *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6301,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5952)","md5":"17ea1002d3cdc2a66b35ef893e72f6d1","sha1":"8f973a53a336bb7c15bc385a201af1fba8578af4","sha256":"76b71ec9dace7756039ed4466f8863e27b302530a2283cf5260bb3bc39fe9c7a","sha512":"46b7b31498222c8fb106040df871cc857888620959c219cc2ec7f66250d71c34680d43de3af8858566132a42e1722f2afc828a196a600f74e7a3d08515a0af61","ssdeep":"192:6KfsrGxbTmXnk85/ZgrqXRoJYAF0F2cKI6cU254PD:1KGxnmXnj1X+JYAF0F2cKI6cU2+PD","tlshash":"12d1d83e3bb42175b18c068d347f6b68fb6ab52467124c74b24cedfa6310c9264ba536","first_seen":"2025-07-31T19:55:30.99116Z","last_seen":"2025-11-25T08:25:16.302375Z","times_seen":255,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"madurird.com/5/9590469/?bnr=1","fqdn":"madurird.com","domain":"madurird.com","tld":"com"},"ip":{"addr":"172.64.146.197","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:42.522Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"madurird.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 Aug 2025 14:40:28 GMT","end":"Mon, 24 Nov 2025 15:40:23 GMT"},"fingerprint":{"sha1":"A0:04:22:68:B6:F0:81:A9:F5:24:A6:69:28:D0:11:71:F2:D4:85:3B","sha256":"F6:0B:C7:A3:4C:5D:DC:DE:48:21:EE:64:01:46:41:28:38:C8:B4:40:E4:7A:47:06:40:98:E5:25:73:7F:7F:CC"}}},"request":{"raw":"GET /5/9590469/?bnr=1 HTTP/1.1\r\nHost: madurird.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: OAID=0082456a8c1a49ffef7a8ad5c182f3f2; oaidts=1757903441\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 15 Sep 2025 02:30:42 GMT\r\ncontent-type: application/javascript\r\ncf-ray: 97f4b423c8918be6-OSL\r\nx-trace-id: cf7c797779f92769034f42e9fbb81be2\r\nlink: \u003chttps://my.rtmark.net\u003e; rel=\"preconnect dns-prefetch\"\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\npragma: no-cache, no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT\r\nset-cookie: OAID=0082456a8c1a49ffef7a8ad5c182f3f2; expires=Tue, 15 Sep 2026 02:30:42 GMT; path=/; secure; SameSite=None\noaidts=1757903441; expires=Tue, 15 Sep 2026 02:30:42 GMT; path=/; secure; SameSite=None\r\ncontent-encoding: gzip\r\nvary: accept-encoding\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":114840,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"e83dd758fd4f3e94431da1a76317174c","sha1":"2c868e430101952bf3e4c551e64493264676852b","sha256":"5645954562b07cc829ca0106fc33c4e14849c367362d07bf7ac5c861fb9536ad","sha512":"6b687ced0ef5a23179d0d9a3b9fc2238537cc21f4438054cbcdbb92091da2c82f7d8b497d42ea9f95ac81657481691d62fcd4c2796a95226eeadaec22605f00e","ssdeep":"1536:LOtQiEOxh8M3MCBCskobqUy3LghGVHtg7aC7n6wTEjtwO26UE:LOtX93Mf3UAQbaC76GEBwO26UE","tlshash":"7fb31b9c625234712d7ad129785fc44c6eeaef80048e89e4d4daac732653075d3bbfe8","first_seen":"2025-09-15T02:31:11.810274Z","last_seen":"2025-09-15T02:31:11.810274Z","times_seen":1,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bvtpk.com/tag.min.js","fqdn":"bvtpk.com","domain":"bvtpk.com","tld":"com"},"ip":{"addr":"172.67.154.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ziggogratis.shop/embed/stream-18.php","date":"2025-09-15T02:30:42.813Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bvtpk.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 09 Sep 2025 16:15:33 GMT","end":"Mon, 08 Dec 2025 17:13:51 GMT"},"fingerprint":{"sha1":"57:53:1B:12:8D:B5:A7:B6:96:E2:B4:FE:90:A1:D8:FA:24:94:9A:B9","sha256":"4E:2A:10:4F:06:F6:4E:34:B3:5A:E6:9B:A2:C7:FC:B2:A4:7D:55:44:3D:06:2B:38:35:A7:52:1D:F2:4E:80:5E"}}},"request":{"raw":"GET /tag.min.js HTTP/1.1\r\nHost: bvtpk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggogratis.shop/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 15 Sep 2025 02:30:42 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-trace-id: 66571f967735864f38c569488403bba1\r\ncache-control: public, max-age=600, s-maxage=1800\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 1547\r\ncf-cache-status: HIT\r\nlast-modified: Mon, 15 Sep 2025 02:04:54 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FpZ7Xv2eJYrGC5Ne8ug48P5lrOkO7270hfVj27vpPEWp4ZStbGSjY7DUrNdX30Fm8OHZnMGJFDwGHj349ij0ckafcu8Pdqo%3D\"}]}\r\ncf-ray: 97f4b425988db51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":109819,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"8b9d55a4af1077a11ef179a7fbef88ef","sha1":"96c569fa3f52c3b81a33cd42b9c23fba737f72a3","sha256":"c548281ee18156b66358383e070e1b14ab942bac77ace39abc922186af4839ab","sha512":"4fbf1985ab1dfdcd4ea95c2a4aaf1d5e26cbdf2e5acede073ecc75c352874914df194668131c409d10b68a446a6f9f212d3c6cae1d65778c232b2107fab037e4","ssdeep":"1536:KOtQiEOxh8M3MCBCskobqUY3LghGVHtg7aC7n6wTEjtwO2C:KOtX93Mf3UuQbaC76GEBwO2C","tlshash":"c2b31c9c625734712d7a9129385fc44d6eeaef80048e89e4d0daac732653075d3bbfe8","first_seen":"2025-09-14T07:40:18.844336Z","last_seen":"2025-09-15T02:31:11.812811Z","times_seen":12,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:43.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 23:05:43 GMT","end":"Fri, 28 Nov 2025 23:05:42 GMT"},"fingerprint":{"sha1":"B9:51:95:1F:A8:75:17:3A:9B:B1:75:96:F4:7D:7A:CF:3D:52:C9:71","sha256":"36:D1:B1:18:05:03:10:B2:46:BC:6C:71:A5:E7:BE:07:32:66:88:16:04:1E:5F:96:0F:10:B6:4B:BF:01:D1:42"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 15 Sep 2025 02:30:43 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: d7acc0bc0be608e6f84a3ff781e3b07d\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":22,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jxoxkplay.xyz/premiumtv/bizz-streams2u.php?id=18","fqdn":"jxoxkplay.xyz","domain":"jxoxkplay.xyz","tld":"xyz"},"ip":{"addr":"104.21.6.120","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://jxoxkplay.xyz/premiumtv/bizz-streams2u.php?id=18","date":"2025-09-15T02:30:43.251Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jxoxkplay.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 11 Aug 2025 18:24:49 GMT","end":"Sun, 09 Nov 2025 19:21:25 GMT"},"fingerprint":{"sha1":"F9:C9:6D:AE:27:E4:51:15:EB:CE:17:8D:87:A8:7A:36:1C:46:F3:42","sha256":"90:CC:17:79:CA:44:5D:24:3F:E9:35:D2:27:2D:DE:C4:40:75:68:37:45:8C:A8:06:D7:48:D4:2D:1E:ED:0E:2E"}}},"request":{"raw":"HEAD /premiumtv/bizz-streams2u.php?id=18 HTTP/1.1\r\nHost: jxoxkplay.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jxoxkplay.xyz/premiumtv/bizz-streams2u.php?id=18\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"HEAD"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 15 Sep 2025 02:30:43 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mSux0QSBCWxuJOv3MiqoIOXBrQm9F1y7GZm2FW%2B5DH2tam4GLSFXiCDlB0DzqQUcQb6Z1rhk4mF0cbvFCFyExbrjcEnO2mUgCnCB\"}]}\r\nx-cache: BYPASS\r\nvideocdnx: NO\r\nnode: PHP\r\ncache-control: public, max-age=30, immutable, no-transform\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 97f4b428494c5699-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T12:55:49.320816Z","times_seen":13621212,"resource_available":true,"data":null}},"time_used":135,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":135,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/center_banner/2/css/style.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.112.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:45.842Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/interstitial/center_banner/2/css/style.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://ziggo-gratis.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 15 Sep 2025 02:30:45 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"65aa8501-10a0\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\nage: 632802\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MveaF7uvNcql5fqc%2FIJr7wGEVPDdj%2FlnVa7pHEk5eiUeLfvaDXZNARF7VtHLEQOItBV4fBqWFlgb1vsgItEaVEIPS%2FoiO0mfq3l%2Fp0hhKeY%3D\"}]}\r\ncf-ray: 97f4b438cc1c8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4256,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"082401cb43723850f7fb48dc7f8d4af6","sha1":"d7a312aee231235ac7ee7a5f4497d919009f747b","sha256":"aac90d87fe360b313922abbb3baa5ce9b67edf5c468764f7e165485af508bc5c","sha512":"a6f61ea1079c506b732c9e4e5521bd9536f2e39d58cc6a11a55086dd8bbc2252987b611cb62f79fec462cc086c2242ce14d5db43ac10dfa88a00d1f33266ed98","ssdeep":"96:iTMXkG4oLrBhAXHbfylUMXHbfyMfSxzcjhUmBCmS+AJx3:IMX3JGXHTydXHTyG6zOhjBCmS+AJx3","tlshash":"4991ad9726231604b807e8542fa52b4353688013d64fe4b53ec26b8c8fcb6ccd9e739e","first_seen":"2024-03-12T11:20:16Z","last_seen":"2026-01-27T09:02:28.976088Z","times_seen":913,"resource_available":false,"data":null}},"time_used":116,"timings":{"blocked":43,"dns":13,"connect":12,"send":0,"wait":23,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fcenter_banner%2F2%2Fjs%2Fscript.js\u0026l=975\u0026fd=12","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:46.035Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fcenter_banner%2F2%2Fjs%2Fscript.js\u0026l=975\u0026fd=12 HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nCookie: uid_id2=b080c0e7-add6-41d9-980d-36892e957e98:3:2; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27410430=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Mon, 15 Sep 2025 02:30:46 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T12:55:49.320816Z","times_seen":13621212,"resource_available":true,"data":null}},"time_used":133,"timings":{"blocked":22,"dns":0,"connect":0,"send":0,"wait":111,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"madurird.com/wrr?z=9590469\u0026p_rid=a3e0940d-85b0-4954-995c-b91e4a51b91a\u0026rb=6MParwe4t1pzqjODyVHncJ61ZSQcV7YKI9hKf5P7yD-Dw26XBLqbLk5_iuYyOY_l1eA5nV0-MgIERRRHXgljqEApxN-sO0La-qB-i5qe5Kap3LqXPKGtxoxLptiKfGOYc5jROHgVVJ7BWHOixuqUT3p7FGUC7Z49KlpgkJ4Bl8qghjzeN-0LjZjWMaNJBDbhlQQlKGiBiIeqFIvnfowYK3IamrDjMMOInYM_ECZSPJlCiu2Pef4fF3ah_s7S-FCIThDnpg==\u0026dmn=madurird.com\u0026userId=0082456a8c1a49ffef7a8ad5c182f3f2","fqdn":"madurird.com","domain":"madurird.com","tld":"com"},"ip":{"addr":"172.64.146.197","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:44.332Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"madurird.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 Aug 2025 14:40:28 GMT","end":"Mon, 24 Nov 2025 15:40:23 GMT"},"fingerprint":{"sha1":"A0:04:22:68:B6:F0:81:A9:F5:24:A6:69:28:D0:11:71:F2:D4:85:3B","sha256":"F6:0B:C7:A3:4C:5D:DC:DE:48:21:EE:64:01:46:41:28:38:C8:B4:40:E4:7A:47:06:40:98:E5:25:73:7F:7F:CC"}}},"request":{"raw":"POST /wrr?z=9590469\u0026p_rid=a3e0940d-85b0-4954-995c-b91e4a51b91a\u0026rb=6MParwe4t1pzqjODyVHncJ61ZSQcV7YKI9hKf5P7yD-Dw26XBLqbLk5_iuYyOY_l1eA5nV0-MgIERRRHXgljqEApxN-sO0La-qB-i5qe5Kap3LqXPKGtxoxLptiKfGOYc5jROHgVVJ7BWHOixuqUT3p7FGUC7Z49KlpgkJ4Bl8qghjzeN-0LjZjWMaNJBDbhlQQlKGiBiIeqFIvnfowYK3IamrDjMMOInYM_ECZSPJlCiu2Pef4fF3ah_s7S-FCIThDnpg==\u0026dmn=madurird.com\u0026userId=0082456a8c1a49ffef7a8ad5c182f3f2 HTTP/1.1\r\nHost: madurird.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ziggo-gratis.com/\r\ncontent-type: application/json\r\nContent-Length: 2535\r\nOrigin: https://ziggo-gratis.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 204 No Content\r\ndate: Mon, 15 Sep 2025 02:30:44 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncf-ray: 97f4b42f1eed8be6-OSL\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: https://ziggo-gratis.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *, *\r\npragma: no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T12:55:49.320816Z","times_seen":13621212,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.show-sb.com/sb/au/bb/09/20/bb0920e920b04fdebd2119739150c93c/1698574651.html","fqdn":"cdn.show-sb.com","domain":"show-sb.com","tld":"com"},"ip":{"addr":"172.67.170.115","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:45.625Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"show-sb.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 11:11:15 GMT","end":"Sat, 08 Nov 2025 12:08:40 GMT"},"fingerprint":{"sha1":"46:26:78:BD:18:7A:95:15:D4:B3:89:73:FE:7E:99:33:18:7F:21:3E","sha256":"AD:6B:6A:10:54:38:33:B9:BB:A6:FD:B7:B0:1B:2E:9D:62:B8:47:35:C4:E6:7B:F6:4A:92:AA:75:B0:29:F7:F3"}}},"request":{"raw":"GET /sb/au/bb/09/20/bb0920e920b04fdebd2119739150c93c/1698574651.html HTTP/1.1\r\nHost: cdn.show-sb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://ziggo-gratis.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 15 Sep 2025 02:30:45 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Sun, 29 Oct 2023 10:17:36 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=inTeIe5mOQfSDPNmO%2FjOQwpT9%2FeZYJd6qwtzInoBrVaq%2BtxVrgICjApiayUqa6ohn93mUq2p9IoY6EunQvcZtpqckk8%2B6VTwDNYQJeQ%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 97f4b4375f2756a3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1777,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"072e8db4074dbdb5f907708ecde5b3cd","sha1":"9cff59558d4a4b945754478a04738e744b7ffc2a","sha256":"5b5f0e9d8303aec59181cdf6f6b9de9c2e0001007349840246b9f8ab286b82a0","sha512":"4d5b8b73d3b1ba9054fabe455e6216e74e015d64ef3abf86f9db14c5412b5c8d71195ba3722ecd2d15c61980e2b1c7ea73acae8a48cb3e7785d028076f210fec","ssdeep":"","tlshash":"1831e6662cf9c57300829094bb312f5bed91e687894f550073bc4a918fd7ed9cca7207","first_seen":"2023-12-11T08:15:45Z","last_seen":"2026-01-27T09:50:20.218558Z","times_seen":1010,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":30,"dns":8,"connect":2,"send":0,"wait":140,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/si/ab/e6/9c/abe69c318feb241a53d9c090989911d46303f4c8b301924ebeb9ec072a23ad8f.png","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:45.972Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /si/ab/e6/9c/abe69c318feb241a53d9c090989911d46303f4c8b301924ebeb9ec072a23ad8f.png HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 15 Sep 2025 02:30:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 61849\r\nserver: nginx/1.21.6\r\nlast-modified: Mon, 05 May 2025 01:41:09 GMT\r\netag: \"68181735-f199\"\r\nexpires: Wed, 17 Sep 2025 02:30:45 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: ah0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":61849,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x400, components 3","md5":"2e61bc0431eb164a8c0302d9ffa468e7","sha1":"8b0253616faf00bdfe604b24b0f7c12fe7d951b5","sha256":"be1be9493334743b151b0c2a8262952652644a570e83f72c5e2661da75312ba0","sha512":"80ed07170f48b55f6927f04f2d979034302c37844c3d8bbc9cf9bb5337268fe5554df35f931bf4a6032f25917acad15073b22a39030cfc52c3f4a818c02dbdbf","ssdeep":"1536:hY9on6dt6Lofyq6j0Ki3RZuBUJdAyqoiiN4y0z4mfJj+8CN:hQon6dpfydA7BZAs6diN4TJRK8CN","tlshash":"4e5302f479e16fb4daa9c2375140bb91f6bc6d9cd8c20fa992012bc49e81f83539b443","first_seen":"2025-09-14T18:19:09.581242Z","last_seen":"2025-09-21T10:00:02.936716Z","times_seen":39,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/3aee509c2c8c8b02c504f8f11f6c6921/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:41.557Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highperformanceformat.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 Aug 2025 22:12:45 GMT","end":"Sun, 09 Nov 2025 22:12:44 GMT"},"fingerprint":{"sha1":"B9:F8:C8:45:C0:0A:8C:9E:D0:93:4C:61:6A:2B:96:49:20:7B:36:AD","sha256":"CB:4C:A5:11:03:46:B4:B3:1A:2C:67:7A:70:5E:BA:61:07:FB:22:C6:9B:14:E6:FC:FF:46:02:F6:30:DA:F0:A0"}}},"request":{"raw":"GET /3aee509c2c8c8b02c504f8f11f6c6921/invoke.js HTTP/1.1\r\nHost: www.highperformanceformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 15 Sep 2025 02:30:41 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 15908\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 6\r\nHost: www.highperformanceformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: f8e2de44d3c6de2606eda2d531940127\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":37590,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (37590), with no line terminators","md5":"080a9029deb48cefbb8765459086073f","sha1":"5e7572bbd225b67e017daa11f46ef6905def87d4","sha256":"0e5d55bc2806ef6948c7ac298a6c36b1455df52676315b246502c301891fb181","sha512":"c0943b33dab7f7dc9ed79274cb0a0af7d95fe4f6ff56bd532bc1d028f8d3588706960f1a2e0301dcb709e68ba822cea6727e6fc785cf1d6e3d11fe27339ee515","ssdeep":"768:MBY6ccuLFYdYjHMjYZ6lRtsF8Yg1L/lUUYEFYLetqz:kHc7LF0Y6HO8Y0L/qJEFYLetqz","tlshash":"fff2f7883fc0b3d456ab2867337fd01ba1955d04a54cd098e927f0e92de876af727b60","first_seen":"2025-09-15T02:31:11.819844Z","last_seen":"2025-09-20T14:53:49.644723Z","times_seen":2,"resource_available":true,"data":null}},"time_used":860,"timings":{"blocked":327,"dns":51,"connect":92,"send":0,"wait":105,"receive":92,"ssl":190},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"adexchangeclear.com/script/suurl5.php?r=10386226\u0026cbur=0.9883991392443315\u0026cbiframe=0\u0026cbWidth=1280\u0026cbHeight=1024\u0026cbtitle=\u0026cbpage=https%3A%2F%2Fziggo-gratis.com%2Froja12-9%2Fs18.php\u0026cbref=\u0026cbdescription=\u0026cbkeywords=\u0026cbcdn=acscdn.com\u0026ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits\u0026ts=1757903442426\u0026srs=b685c44c802ff94be0b8a55cb8e60cab\u0026atv=69.0","fqdn":"adexchangeclear.com","domain":"adexchangeclear.com","tld":"com"},"ip":{"addr":"172.67.223.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:42.466Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adexchangeclear.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 17:58:51 GMT","end":"Sat, 08 Nov 2025 17:08:08 GMT"},"fingerprint":{"sha1":"EA:C4:03:00:5B:31:55:C6:59:67:78:25:B3:B7:46:0C:EC:DE:30:70","sha256":"D9:CD:23:32:1E:FF:B8:A4:2F:94:7E:6F:7B:49:CF:2A:8E:F8:87:04:44:A7:C7:E1:3C:53:1B:9F:D1:3A:94:D5"}}},"request":{"raw":"GET /script/suurl5.php?r=10386226\u0026cbur=0.9883991392443315\u0026cbiframe=0\u0026cbWidth=1280\u0026cbHeight=1024\u0026cbtitle=\u0026cbpage=https%3A%2F%2Fziggo-gratis.com%2Froja12-9%2Fs18.php\u0026cbref=\u0026cbdescription=\u0026cbkeywords=\u0026cbcdn=acscdn.com\u0026ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits\u0026ts=1757903442426\u0026srs=b685c44c802ff94be0b8a55cb8e60cab\u0026atv=69.0 HTTP/1.1\r\nHost: adexchangeclear.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ziggo-gratis.com/\r\nOrigin: https://ziggo-gratis.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 15 Sep 2025 02:30:42 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Content-Type\r\ncontent-encoding: gzip\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IdhFgnkbgqIPymZWw7GXlJo%2BBDTv61K4OES74jTg5UcMrDKRZfAryDtHIa2X2L3Rorm20u4Dt%2FM66wsyWpxgkDb3VmexnHPmxInVv8kTGQ%2FN6GA%3D\"}]}\r\ncf-ray: 97f4b423ac0cc272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":890,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"fe8ba6281f18b82880a739616307a9c7","sha1":"0a3649cd5d316e323c7fbf5782750705dd649216","sha256":"ac6bb3460c6d1a69cc74b417e366d36eea5858e2784005aa5478f9487e3e16c2","sha512":"93ebb321044849a061678b1ac29cc10d49ff262a594f1ca1f6887cb7509c9f8527c2c150fda6c8da8f6e13ff16612a3ea9e82dcb3b23ad607cb4bc832b7cf3ec","ssdeep":"","tlshash":"c311635a4bdc5c6d3dbd88c8192eb9ac2c6625980ab4a091e48b4d3a03e0d584b6fb55","first_seen":"2025-09-15T02:31:11.822965Z","last_seen":"2025-09-15T02:31:11.822965Z","times_seen":1,"resource_available":false,"data":null}},"time_used":286,"timings":{"blocked":43,"dns":20,"connect":1,"send":0,"wait":200,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"madurird.com/tag.min.js","fqdn":"madurird.com","domain":"madurird.com","tld":"com"},"ip":{"addr":"172.64.146.197","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jxoxkplay.xyz/premiumtv/bizz-streams2u.php?id=18","date":"2025-09-15T02:30:43.135Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"madurird.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 Aug 2025 14:40:28 GMT","end":"Mon, 24 Nov 2025 15:40:23 GMT"},"fingerprint":{"sha1":"A0:04:22:68:B6:F0:81:A9:F5:24:A6:69:28:D0:11:71:F2:D4:85:3B","sha256":"F6:0B:C7:A3:4C:5D:DC:DE:48:21:EE:64:01:46:41:28:38:C8:B4:40:E4:7A:47:06:40:98:E5:25:73:7F:7F:CC"}}},"request":{"raw":"GET /tag.min.js HTTP/1.1\r\nHost: madurird.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jxoxkplay.xyz/\r\nCookie: OAID=0082456a8c1a49ffef7a8ad5c182f3f2; oaidts=1757903441\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 15 Sep 2025 02:30:43 GMT\r\ncontent-type: application/javascript\r\ncf-ray: 97f4b4279adf8be6-OSL\r\nx-trace-id: 545a25d263024cebb76f83e935b35a61\r\ncache-control: public, max-age=14400\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *, *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: gzip\r\nlast-modified: Mon, 15 Sep 2025 02:20:45 GMT\r\ncf-cache-status: HIT\r\nage: 324\r\nexpires: Mon, 15 Sep 2025 06:30:43 GMT\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":109820,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"1c8422c53cd5d685647ab79576ead702","sha1":"39ab79a926305692823c70bfa2a2df92d29348a0","sha256":"f928f027fbad19fa0a3cf042beb77e2ff801675ff19418abf30240d15996d4bd","sha512":"79df8a59d598191b28ef955aaa96642b94af76322df7dc2f32be3320c86529de15cecbac864aaf789e12388292a7a999b46c7e255db1551007048f3e724c6af9","ssdeep":"1536:KOtQiEOxh8M3MCBCskobqUK3LghGVHtg7aC7n6wTEjtwO2C:KOtX93Mf3U4QbaC76GEBwO2C","tlshash":"38b31c9c625734712d7a9129385fc44d6eeaef80048e89e4d0daac732653075d3bbfe8","first_seen":"2025-09-11T16:32:59.450593Z","last_seen":"2025-09-15T05:19:30.293228Z","times_seen":62,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"madurird.com/wrr?z=9590470\u0026p_rid=0b8d16a1-d699-48b9-9edb-e0f3a0b73c1d\u0026rb=b0TYegJI2ECFMe9eJ-2EtJynjI3VoD07wcJoc17lihMDoUq3QUgd3PlLnnpNNlu3GMf4_Yc6Aq-jU4HTj-AU6ja_21tm8J7OvBjDEFX604iG83oTbNoboS_U1ysBBbKwQHcP9DSfyG7KPravsIMZJxfx9k-FNvOIKhnO7Ly1h-Iy1GqBfkLqjp81bKpvX3awtsE6aQIX2fvDUswP8puRILwNCBUXNBFkNVFrFjjBRwruZPSBUUqVLH3LG_NNi_djd_O_hRl6dYKCL6PU\u0026dmn=madurird.com\u0026userId=0082456a8c1a49ffef7a8ad5c182f3f2","fqdn":"madurird.com","domain":"madurird.com","tld":"com"},"ip":{"addr":"172.64.146.197","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:43.161Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"madurird.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 Aug 2025 14:40:28 GMT","end":"Mon, 24 Nov 2025 15:40:23 GMT"},"fingerprint":{"sha1":"A0:04:22:68:B6:F0:81:A9:F5:24:A6:69:28:D0:11:71:F2:D4:85:3B","sha256":"F6:0B:C7:A3:4C:5D:DC:DE:48:21:EE:64:01:46:41:28:38:C8:B4:40:E4:7A:47:06:40:98:E5:25:73:7F:7F:CC"}}},"request":{"raw":"POST /wrr?z=9590470\u0026p_rid=0b8d16a1-d699-48b9-9edb-e0f3a0b73c1d\u0026rb=b0TYegJI2ECFMe9eJ-2EtJynjI3VoD07wcJoc17lihMDoUq3QUgd3PlLnnpNNlu3GMf4_Yc6Aq-jU4HTj-AU6ja_21tm8J7OvBjDEFX604iG83oTbNoboS_U1ysBBbKwQHcP9DSfyG7KPravsIMZJxfx9k-FNvOIKhnO7Ly1h-Iy1GqBfkLqjp81bKpvX3awtsE6aQIX2fvDUswP8puRILwNCBUXNBFkNVFrFjjBRwruZPSBUUqVLH3LG_NNi_djd_O_hRl6dYKCL6PU\u0026dmn=madurird.com\u0026userId=0082456a8c1a49ffef7a8ad5c182f3f2 HTTP/1.1\r\nHost: madurird.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ziggo-gratis.com/\r\ncontent-type: application/json\r\nContent-Length: 2530\r\nOrigin: https://ziggo-gratis.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 204 No Content\r\ndate: Mon, 15 Sep 2025 02:30:43 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncf-ray: 97f4b427baf78be6-OSL\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: https://ziggo-gratis.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *, *\r\npragma: no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T12:55:49.320816Z","times_seen":13621212,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/watch.1556974190505.js?dev=e\u0026key=53e378cfb27847b2216676ba795c0d37\u0026kw=%5B%5D\u0026pst=1757903503\u0026rb=\u0026refer=https%3A%2F%2Fziggo-gratis.com%2Froja12-9%2Fs18.php\u0026res=14.3095\u0026rmtc=t\u0026shu=b9e1863529bb0028c3bf8bf75e717fe2a7aae4bb25274c57736197f239cad15922e35dd15db31b229c5dba1ead28ae97c9cc37b31b82c6afc64c0e27c22194231cb1ee90e864862420abfbe7ca33eaa59c80cecc8fe37be03a6033\u0026tz=0\u0026uuid=288fc4f6-bc40-4306-87b8-9a3d7cbff99e%3A2%3A1","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:43.716Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /watch.1556974190505.js?dev=e\u0026key=53e378cfb27847b2216676ba795c0d37\u0026kw=%5B%5D\u0026pst=1757903503\u0026rb=\u0026refer=https%3A%2F%2Fziggo-gratis.com%2Froja12-9%2Fs18.php\u0026res=14.3095\u0026rmtc=t\u0026shu=b9e1863529bb0028c3bf8bf75e717fe2a7aae4bb25274c57736197f239cad15922e35dd15db31b229c5dba1ead28ae97c9cc37b31b82c6afc64c0e27c22194231cb1ee90e864862420abfbe7ca33eaa59c80cecc8fe37be03a6033\u0026tz=0\u0026uuid=288fc4f6-bc40-4306-87b8-9a3d7cbff99e%3A2%3A1 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://ziggo-gratis.com\r\nReferer: https://ziggo-gratis.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNzEwMDI0NCwiayI6IjUzZTM3OGNmYjI3ODQ3YjIyMTY2NzZiYTc5NWMwZDM3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo1MTE4ODkwLCJwaWQiOjI3MTU1ODgsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTksImFpZCI6MjMsInB0Ijo0LCJwayI6InhuMmV4enF2aCIsImNwa3MiOnsiMjgiOiI3NjgyZDZiZGYwMmNhZTFmMTU0NWI1Nzk5NDM5MTdiMCIsIjI5IjoiYWMwYWZjYjIzNDM5NTY3NGNmOWM4ODQ1NjdlNTM5YjkifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3ppZ2dvLWdyYXRpcy5jb20vcm9qYTEyLTkvczE4LnBocCIsImFyIjpbXX19.55MSBUywjO8ZW081tc0TGXESGhmAX6USlcaHkvIZDsY\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 15 Sep 2025 02:30:43 GMT\r\nContent-Type: text/html\r\nContent-Length: 3293\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://ziggo-gratis.com\r\nAccess-Control-Allow-Credentials: true\r\nVary: Accept-Encoding\r\nSet-Cookie: uid_id2=288fc4f6-bc40-4306-87b8-9a3d7cbff99e:2:1; expires=Mon, 22 Sep 2025 02:30:43 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Tue, 16 Sep 2025 02:30:43 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Tue, 16 Sep 2025 02:30:43 GMT; path=/; secure; SameSite=None\npdhtkv23=true; expires=Tue, 16 Sep 2025 02:30:43 GMT; path=/; secure; SameSite=None\nuncs23=1; expires=Tue, 16 Sep 2025 02:30:43 GMT; path=/; secure; SameSite=None\nu_pl27100244=1; expires=Tue, 16 Sep 2025 02:30:43 GMT; path=/; secure; SameSite=None\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 1c2223378126f54472e66d0bf74714bf\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4880,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (4004)","md5":"90f6b48db765aca02d62e9267a4512a2","sha1":"22ee72942100fd01c7f08f149bb0621b1525acca","sha256":"d03ae6b1b97630516bee804d22c718f5afe03c5964c5df25d26dcdf10800ae86","sha512":"776279bd0fac37f3fe2f86dddf8cdbda37337c393aad9fc60eab8d907026a7821bc9714db00c1e933067bf94e6e901aa766fba5a97caf04e18d8f5b9042cbcac","ssdeep":"96:aoz9bT+cjTPf5XWr7k9gblGucoJ9QsSIIX1/DUCfMEDaH:XzwwT5GrQUGoJixbUCkCaH","tlshash":"fda12aa5add7b5b04563903f06bb92183aa1c10f5a18db817e5cee051b30aa14f66ffc","first_seen":"2025-09-15T02:31:11.825904Z","last_seen":"2025-09-15T02:31:11.825904Z","times_seen":1,"resource_available":false,"data":null}},"time_used":114,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":113,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:46.352Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 08:41:01 GMT","end":"Mon, 17 Nov 2025 08:41:00 GMT"},"fingerprint":{"sha1":"41:D2:08:38:86:84:32:C2:76:B6:A0:7C:F7:02:4C:C5:55:4E:2F:1E","sha256":"A5:34:21:73:D5:FC:24:AF:0D:8A:56:A2:A7:5C:BD:41:46:45:3B:DE:78:A3:6B:67:9C:80:C8:44:02:A9:12:D0"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://ziggo-gratis.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 08 Sep 2025 19:01:58 GMT\r\nexpires: Tue, 08 Sep 2026 19:01:58 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nage: 545328\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-11T12:56:17.699134Z","times_seen":729584,"resource_available":false,"data":null}},"time_used":233,"timings":{"blocked":97,"dns":1,"connect":14,"send":0,"wait":15,"receive":21,"ssl":82},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:46.354Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 08:41:01 GMT","end":"Mon, 17 Nov 2025 08:41:00 GMT"},"fingerprint":{"sha1":"41:D2:08:38:86:84:32:C2:76:B6:A0:7C:F7:02:4C:C5:55:4E:2F:1E","sha256":"A5:34:21:73:D5:FC:24:AF:0D:8A:56:A2:A7:5C:BD:41:46:45:3B:DE:78:A3:6B:67:9C:80:C8:44:02:A9:12:D0"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://ziggo-gratis.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 08 Sep 2025 19:01:58 GMT\r\nexpires: Tue, 08 Sep 2026 19:01:58 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nage: 545328\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-11T12:56:17.699134Z","times_seen":729584,"resource_available":false,"data":null}},"time_used":369,"timings":{"blocked":174,"dns":1,"connect":35,"send":0,"wait":8,"receive":11,"ssl":136},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"madurird.com/wrr?z=9590469\u0026p_rid=a3e0940d-85b0-4954-995c-b91e4a51b91a\u0026rb=6MParwe4t1pzqjODyVHncJ61ZSQcV7YKI9hKf5P7yD-Dw26XBLqbLk5_iuYyOY_l1eA5nV0-MgIERRRHXgljqEApxN-sO0La-qB-i5qe5Kap3LqXPKGtxoxLptiKfGOYc5jROHgVVJ7BWHOixuqUT3p7FGUC7Z49KlpgkJ4Bl8qghjzeN-0LjZjWMaNJBDbhlQQlKGiBiIeqFIvnfowYK3IamrDjMMOInYM_ECZSPJlCiu2Pef4fF3ah_s7S-FCIThDnpg==\u0026dmn=madurird.com\u0026userId=0082456a8c1a49ffef7a8ad5c182f3f2","fqdn":"madurird.com","domain":"madurird.com","tld":"com"},"ip":{"addr":"172.64.146.197","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:44.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"madurird.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 Aug 2025 14:40:28 GMT","end":"Mon, 24 Nov 2025 15:40:23 GMT"},"fingerprint":{"sha1":"A0:04:22:68:B6:F0:81:A9:F5:24:A6:69:28:D0:11:71:F2:D4:85:3B","sha256":"F6:0B:C7:A3:4C:5D:DC:DE:48:21:EE:64:01:46:41:28:38:C8:B4:40:E4:7A:47:06:40:98:E5:25:73:7F:7F:CC"}}},"request":{"raw":"OPTIONS /wrr?z=9590469\u0026p_rid=a3e0940d-85b0-4954-995c-b91e4a51b91a\u0026rb=6MParwe4t1pzqjODyVHncJ61ZSQcV7YKI9hKf5P7yD-Dw26XBLqbLk5_iuYyOY_l1eA5nV0-MgIERRRHXgljqEApxN-sO0La-qB-i5qe5Kap3LqXPKGtxoxLptiKfGOYc5jROHgVVJ7BWHOixuqUT3p7FGUC7Z49KlpgkJ4Bl8qghjzeN-0LjZjWMaNJBDbhlQQlKGiBiIeqFIvnfowYK3IamrDjMMOInYM_ECZSPJlCiu2Pef4fF3ah_s7S-FCIThDnpg==\u0026dmn=madurird.com\u0026userId=0082456a8c1a49ffef7a8ad5c182f3f2 HTTP/1.1\r\nHost: madurird.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://ziggo-gratis.com/\r\nOrigin: https://ziggo-gratis.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 204 No Content\r\ndate: Mon, 15 Sep 2025 02:30:44 GMT\r\ncf-ray: 97f4b42ededb8be6-OSL\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: https://ziggo-gratis.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *, *\r\npragma: no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T12:55:49.320816Z","times_seen":13621212,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/center_banner/2/img/close.svg","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.112.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:45.971Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/interstitial/center_banner/2/img/close.svg HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 15 Sep 2025 02:30:45 GMT\r\ncontent-type: image/svg+xml\r\nvary: accept-encoding\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QpMw2mwhit%2BUVIIh6es4w5IIBz7IXEIisQ3Hq5lut1K0LS%2FHZIDPldXv72b3GsGyNR1M40ZSAp2D91hMLVhd%2BNE382%2FhxjOGTSitDSXLuC0%3D\"}]}\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 3259975\r\ncf-cache-status: HIT\r\netag: W/\"65aa8501-9c7\"\r\ncf-ray: 97f4b4394a6e0731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2503,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1b6231336753101ab916ff3bc2644225","sha1":"9e0ebaf400b0cdc45a1d40523ea5479205fdd2b2","sha256":"4d6367626004a96e47e82fddaf52a5ee39c7ec20e34d493d6e01c275bb9e3772","sha512":"6ec24bc79813a6de3e5d6f65d9d34960d3ab64f2befdcb0475ebc2f81a5ed32d9430abf4c464db1bf31e9d90e3a2b9f857890138fb5a41ac8a58e0099311d42d","ssdeep":"","tlshash":"4951e93482f6185c9ccd8eace6d418191c60a46b824dc1def5cc7951ef4a502bc7a298","first_seen":"2023-12-05T16:53:58Z","last_seen":"2026-02-03T01:05:39.198036Z","times_seen":1301,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/ac/0a/fc/ac0afcb234395674cf9c884567e539b9.js","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:42.202Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /ac/0a/fc/ac0afcb234395674cf9c884567e539b9.js HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 15 Sep 2025 02:30:42 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 30801\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nSet-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_FEATURES-2379=1; expires=Mon, 15 Sep 2025 02:30:42 GMT; secure; SameSite=None\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 9d36b9ded721c4713155b2126fa1417e\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":76458,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"87f041f2eaa4d7b6ca9095cdbc3c1be0","sha1":"567ca4f5801d55f3606ce92e974bd02fdd1c98c6","sha256":"11ca98e7e06dd3c37e01cea33bc502880bcaa980be296e756501166c2edd8b9e","sha512":"09030dd4995cea123557460d2720ba1a7594a1f1bd18af90fe578d54daed10d09d340df3abcd6dcd298aa19df348be02ae69e04059ee31f4d5939186ed56ae9a","ssdeep":"1536:NxxKuAEEm3pEEim4mOdMJ6mXpH1fPzdsRt:kuAQWRHmUMJ6m5Jwt","tlshash":"b273c8897f50b05cc3da6577322fa40af06a1d42a14cf45ce122e8a4ffaa71df53b958","first_seen":"2025-09-14T22:05:17.824605Z","last_seen":"2025-09-15T02:31:11.829707Z","times_seen":2,"resource_available":true,"data":null}},"time_used":813,"timings":{"blocked":297,"dns":24,"connect":92,"send":0,"wait":96,"receive":109,"ssl":189},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"18.197.252.180","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:42.213Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://ziggo-gratis.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 15 Sep 2025 02:30:42 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://ziggo-gratis.com\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=ed630e7f-f115-4404-97ba-461d232c1c94:3:1; expires=Thu, 13 Sep 2035 02:30:42 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"ad0e322c481d20abb50243318ead0c90","sha1":"876b95e61b62192d1909ac080dc010714d652d88","sha256":"315101febb68095c8ab8701c7ffd15d49080e055794701b3d3487f00b24c327f","sha512":"d8ff5a3844fed83c88ec8ef3258196a045cb5ef0b789a65f94eefecea1fba2bfd04823e0d6cba4045cc81fd0a1ddce1dbe86f95bbcc651f59e165e52d2649518","ssdeep":"","tlshash":"169004c0511d30c4c10cd447df004307ccf445df01dc45f0110444444d30503d7f4413","first_seen":"2025-09-15T02:31:11.831991Z","last_seen":"2025-09-15T02:31:11.831991Z","times_seen":1,"resource_available":false,"data":null}},"time_used":301,"timings":{"blocked":131,"dns":33,"connect":20,"send":0,"wait":22,"receive":0,"ssl":90},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:42.244Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 23:05:43 GMT","end":"Fri, 28 Nov 2025 23:05:42 GMT"},"fingerprint":{"sha1":"B9:51:95:1F:A8:75:17:3A:9B:B1:75:96:F4:7D:7A:CF:3D:52:C9:71","sha256":"36:D1:B1:18:05:03:10:B2:46:BC:6C:71:A5:E7:BE:07:32:66:88:16:04:1E:5F:96:0F:10:B6:4B:BF:01:D1:42"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 15 Sep 2025 02:30:42 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 775315b8a66c78e780ad33b0fcc6f92b\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":113,"timings":{"blocked":-1,"dns":1,"connect":17,"send":0,"wait":23,"receive":18,"ssl":54},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t.dtscout.com/i/?l=https%3A%2F%2Fjxoxkplay.xyz%2Fpremiumtv%2Fbizz-streams2u.php%3Fid%3D18\u0026j=https%3A%2F%2Fziggogratis.shop%2F","fqdn":"t.dtscout.com","domain":"dtscout.com","tld":"com"},"ip":{"addr":"104.26.11.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jxoxkplay.xyz/premiumtv/bizz-streams2u.php?id=18","date":"2025-09-15T02:30:43.357Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dtscout.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 Aug 2025 12:11:28 GMT","end":"Sat, 29 Nov 2025 13:05:40 GMT"},"fingerprint":{"sha1":"8C:1A:8B:5A:0D:05:D0:E1:27:9B:25:7F:4F:AD:2F:0D:B4:F7:E5:14","sha256":"6E:3E:4E:99:17:89:21:6A:AA:63:31:A7:CE:8D:C6:4C:29:96:63:AE:64:9F:42:19:D7:28:92:10:03:EE:8D:75"}}},"request":{"raw":"GET /i/?l=https%3A%2F%2Fjxoxkplay.xyz%2Fpremiumtv%2Fbizz-streams2u.php%3Fid%3D18\u0026j=https%3A%2F%2Fziggogratis.shop%2F HTTP/1.1\r\nHost: t.dtscout.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jxoxkplay.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 15 Sep 2025 02:30:43 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-s: mtl2\r\nx-t: 0.435\r\nexpires: Mon, 15 Sep 2025 02:30:42 GMT\r\ncache-control: no-cache\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=er9J6ax3P9eRlsysIICuyr4ZD8qcvnH1Ncg8R4xQJU0y%2B1%2FEq2in%2FmXlVlUIeugBqYQ%2FcEJsoDPZHr7IDmj%2FuwzioOzUz5CYcas%3D\"}]}\r\ncontent-encoding: br\r\nset-cookie: df=1757903443; SameSite=None; Secure; Path=/; Domain=dtscout.com; Max-Age=8640000; Expires=Wed, 24 Dec 2025 02:30:43 GMT\r\ncf-ray: 97f4b4291d36712d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2079,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (2077)","md5":"51bd741af3fcc4984d1a753eebfa1141","sha1":"534664acf69cbbb5c9b97c96b63dd37bdc580da2","sha256":"3e9c8e5dcf3cbff9e1b7211551a31fe388f1b8e607fd78a0a34855be65da721c","sha512":"14958b02aed15cfa48facbdd8e8752ac7d1220631fb6af7658bcd5b804c0be52f9555a1d0ebe0bd68ee3a5f60164d97cbf020884d8757afaa3297d0768ab8886","ssdeep":"","tlshash":"0441a70bb5e9347813a2007a55ff235fb2324928ac1788c08196d804bc785faa1b6ea6","first_seen":"2023-03-07T01:03:00Z","last_seen":"2025-11-28T22:34:42.368027Z","times_seen":7807,"resource_available":true,"data":null}},"time_used":274,"timings":{"blocked":16,"dns":5,"connect":1,"send":0,"wait":230,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usrpubtrk.com/ut/hb.php?cb=0.8512190966194495\u0026v=1","fqdn":"usrpubtrk.com","domain":"usrpubtrk.com","tld":"com"},"ip":{"addr":"104.21.92.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:43.442Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usrpubtrk.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 14 Aug 2025 11:57:48 GMT","end":"Wed, 12 Nov 2025 12:55:14 GMT"},"fingerprint":{"sha1":"D4:3E:2D:C6:F4:04:8A:A6:38:80:A6:3F:B8:36:DF:7A:79:B8:B0:6B","sha256":"99:E2:A7:FD:97:EE:35:E5:8B:A6:DB:25:80:B5:FA:55:8E:72:BD:17:CC:CA:CB:6A:DF:CC:70:31:68:4F:F2:57"}}},"request":{"raw":"POST /ut/hb.php?cb=0.8512190966194495\u0026v=1 HTTP/1.1\r\nHost: usrpubtrk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 818\r\nOrigin: https://ziggo-gratis.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Mon, 15 Sep 2025 02:30:43 GMT\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bUcR7A0MTUllGcf0u%2FpmtdjTFPxMMo1DHUeXxETMCwdBzRbhhQtfw%2F4huaP7szHcTAMCUfPvkZZIoUtxFLZ%2FoI%2F83vd3Qh6Sw7lSVuk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 97f4b42998f749c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T12:55:49.320816Z","times_seen":13621212,"resource_available":true,"data":null}},"time_used":213,"timings":{"blocked":17,"dns":5,"connect":3,"send":0,"wait":152,"receive":0,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/gid.js","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"104.18.41.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ziggogratis.shop/embed/stream-18.php","date":"2025-09-15T02:30:42.920Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"my.rtmark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 28 Aug 2025 13:14:02 GMT","end":"Wed, 26 Nov 2025 14:13:48 GMT"},"fingerprint":{"sha1":"7A:B2:21:7F:72:E3:39:3E:95:5D:FB:ED:BB:1C:7E:88:C4:7A:B1:B3","sha256":"FB:1D:6D:AF:DA:57:8D:9A:8B:B2:CC:FF:A2:55:C8:F3:71:3D:49:77:06:FC:4D:6F:16:91:61:6F:89:1C:A3:CB"}}},"request":{"raw":"GET /gid.js HTTP/1.1\r\nHost: my.rtmark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://ziggogratis.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggogratis.shop/\r\nCookie: ID=0082456a8c1a49ffef7a8ad5c182f3f2\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 15 Sep 2025 02:30:42 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: https://ziggogratis.shop\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\naccess-control-allow-credentials: true\r\nset-cookie: ID=0082456a8c1a49ffef7a8ad5c182f3f2; expires=Tue, 15 Sep 2026 02:30:42 GMT; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 97f4b4264cd0712d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":65,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"f8315a7759f73b0962f18c28f48a6ead","sha1":"5c1be7bc3dfa56716d1e73a98470e0bce61ba0ad","sha256":"e3a0eb6c54197d1a6d5c1571f6a8f750214aea4896f1e756a565cc0eeb264aea","sha512":"ebb54577dbe9c60ac048a183da3230c72a3d0a5f1ae1acecedb97f515a4efc5bb641f3c6f51061c3e09cd43b93fab597e41e5ed508f664050ced251f481210fd","ssdeep":"","tlshash":"6fa002c10a2865a50071175d5fdbd701141629a364149b0a91d9995321c636e4d45298","first_seen":"2025-09-15T02:31:11.799323Z","last_seen":"2025-09-15T02:31:11.799323Z","times_seen":1,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"waust.at/c.js","fqdn":"waust.at","domain":"waust.at","tld":"at"},"ip":{"addr":"104.26.4.7","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jxoxkplay.xyz/premiumtv/bizz-streams2u.php?id=18","date":"2025-09-15T02:30:43.143Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"waust.at","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 19 Aug 2025 16:08:05 GMT","end":"Mon, 17 Nov 2025 17:07:33 GMT"},"fingerprint":{"sha1":"36:D8:6B:24:C6:E6:C8:AF:63:96:50:56:1D:40:88:5A:A9:5C:22:D2","sha256":"8E:A4:C7:DE:BE:00:BB:C8:F8:96:8E:5D:C3:FB:2A:0F:1C:7B:8B:FE:DA:35:BE:35:F2:6A:6E:DB:B2:D6:B7:34"}}},"request":{"raw":"GET /c.js HTTP/1.1\r\nHost: waust.at\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jxoxkplay.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 15 Sep 2025 02:30:43 GMT\r\ncontent-type: application/x-javascript\r\nlast-modified: Thu, 12 Jun 2025 10:31:47 GMT\r\netag: W/\"684aac93-2f55\"\r\nexpires: Tue, 16 Sep 2025 02:19:09 GMT\r\ncache-control: max-age=86400\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 693\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WtDCedkwf1q7MG1U8%2BXm2uCMkc1DHgXXgtIpfxVniT4qW6hG4sN6LnXWwtfYO7wH0CBRufYbb4D4EFyKxrT4jFDQS%2FCd\"}]}\r\nserver: cloudflare\r\ncf-ray: 97f4b427df0fb4f4-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12117,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (12117), with no line terminators","md5":"7f167017c3edca98e152e2ad7e547032","sha1":"cbcbd0f11bd2f552cdd87cf1947fadc2b7371681","sha256":"52784de24aa1b312200cd6262ccecb5983c443290f1fe8d01790199be351b02d","sha512":"68c879651da562bb04d028bf0e4c5fcbfcbba27c7180fb3a0545dc6e6697b55aa1f422ab5fbfa557f6f1ab7107f0bcf3d12d1e4df2f15d209975b4da221cb33d","ssdeep":"192:lEpB4BQM5iClA7y1w65jqc4izncX9HVvW2kdjxWybsm8/29NBm2/MIGQKG+I8:lEpB4BQB9W1wC4bN1wdjxWybsm8/242o","tlshash":"8c424c55211b28b6a7ff50ea252f73057030543aaf4a905190a6c0bc36bde4f90ffeb6","first_seen":"2025-04-13T04:38:43.35501Z","last_seen":"2026-02-15T18:16:47.15295Z","times_seen":769,"resource_available":true,"data":null}},"time_used":72,"timings":{"blocked":29,"dns":15,"connect":1,"send":0,"wait":9,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/53e378cfb27847b2216676ba795c0d37/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:41.556Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highperformanceformat.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 Aug 2025 22:12:45 GMT","end":"Sun, 09 Nov 2025 22:12:44 GMT"},"fingerprint":{"sha1":"B9:F8:C8:45:C0:0A:8C:9E:D0:93:4C:61:6A:2B:96:49:20:7B:36:AD","sha256":"CB:4C:A5:11:03:46:B4:B3:1A:2C:67:7A:70:5E:BA:61:07:FB:22:C6:9B:14:E6:FC:FF:46:02:F6:30:DA:F0:A0"}}},"request":{"raw":"GET /53e378cfb27847b2216676ba795c0d37/invoke.js HTTP/1.1\r\nHost: www.highperformanceformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 15 Sep 2025 02:30:41 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 15965\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: www.highperformanceformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: c110ee5e82536101e8e1c7c8d58e1140\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":37655,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (37655), with no line terminators","md5":"875606379f53b39b4b271e0cb578eb6e","sha1":"2b6e97d9c195fc001eaf6a628752159cb01853f0","sha256":"bed3b1a3273e4744ee46e6ad5233656cba71c5e28373122aaa559feaba70585f","sha512":"f5604dadf2bee1247d9727966b09088393b2bf1afad1684431c583c57ea1d931ea850471100216a0369e6c823b159779b7ef8e45da8cb77293c957386903f461","ssdeep":"768:JBd6ccutFYdYjHMjYZ6lRtsU8fg1L/lUUYEFYLetqz:bAc7tF0Y6HB8f0L/qJEFYLetqz","tlshash":"eaf2f6883fc0b3d456ab2867337fd01ba1955d04a54cd098e927f4e42ee876af727b60","first_seen":"2025-09-11T04:00:29.992584Z","last_seen":"2025-09-15T02:31:11.834955Z","times_seen":3,"resource_available":true,"data":null}},"time_used":867,"timings":{"blocked":333,"dns":50,"connect":95,"send":0,"wait":104,"receive":91,"ssl":192},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"madurird.com/5/9590470/?bnr=1","fqdn":"madurird.com","domain":"madurird.com","tld":"com"},"ip":{"addr":"172.64.146.197","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:41.785Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"madurird.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 Aug 2025 14:40:28 GMT","end":"Mon, 24 Nov 2025 15:40:23 GMT"},"fingerprint":{"sha1":"A0:04:22:68:B6:F0:81:A9:F5:24:A6:69:28:D0:11:71:F2:D4:85:3B","sha256":"F6:0B:C7:A3:4C:5D:DC:DE:48:21:EE:64:01:46:41:28:38:C8:B4:40:E4:7A:47:06:40:98:E5:25:73:7F:7F:CC"}}},"request":{"raw":"GET /5/9590470/?bnr=1 HTTP/1.1\r\nHost: madurird.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 15 Sep 2025 02:30:41 GMT\r\ncontent-type: application/javascript\r\ncf-ray: 97f4b41f5bf056ae-OSL\r\nx-trace-id: 6ea29857ba59b17dfe4042ec95ba5a94\r\nlink: \u003chttps://my.rtmark.net\u003e; rel=\"preconnect dns-prefetch\"\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\npragma: no-cache, no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT\r\nset-cookie: OAID=0082456a8c1a49ffef7a8ad5c182f3f2; expires=Tue, 15 Sep 2026 02:30:41 GMT; path=/; secure; SameSite=None\noaidts=1757903441; expires=Tue, 15 Sep 2026 02:30:41 GMT; path=/; secure; SameSite=None\nsyncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT\r\ncontent-encoding: gzip\r\nvary: accept-encoding\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":114860,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"6bb237a712e60228212efa5c90f4d64a","sha1":"4883f3b5f8a99cee4d56dcb05260ef6188c832f6","sha256":"233eebc974f539eee632ed7d7f64d386120db08023a093698cf17829df79bbfa","sha512":"12fa7de17f9f6a7024ef3f3219c3fbeb9352ff496158a2cbe8bdca2b9f2ab0297881b6b319e81d66df61247892cf4ecae67a0ecdb6c2955296f9f01d3963c9ea","ssdeep":"1536:LOtQiEOxh8M3MCBCskobqUy3LghGVHtg7aC7n6wTEjtwO2a2g:LOtX93Mf3UAQbaC76GEBwO2a2g","tlshash":"45b30b9c625634711d7ad129385fc54caeeaef80048e89e4d4daac732653071d3bbfe8","first_seen":"2025-09-15T02:31:11.836599Z","last_seen":"2025-09-15T02:31:11.836599Z","times_seen":1,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":26,"dns":4,"connect":4,"send":0,"wait":41,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bvtpk.com/tag.min.js","fqdn":"bvtpk.com","domain":"bvtpk.com","tld":"com"},"ip":{"addr":"172.67.154.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:42.215Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bvtpk.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 09 Sep 2025 16:15:33 GMT","end":"Mon, 08 Dec 2025 17:13:51 GMT"},"fingerprint":{"sha1":"57:53:1B:12:8D:B5:A7:B6:96:E2:B4:FE:90:A1:D8:FA:24:94:9A:B9","sha256":"4E:2A:10:4F:06:F6:4E:34:B3:5A:E6:9B:A2:C7:FC:B2:A4:7D:55:44:3D:06:2B:38:35:A7:52:1D:F2:4E:80:5E"}}},"request":{"raw":"GET /tag.min.js HTTP/1.1\r\nHost: bvtpk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 15 Sep 2025 02:30:42 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-trace-id: 66571f967735864f38c569488403bba1\r\ncache-control: public, max-age=600, s-maxage=1800\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 1547\r\ncf-cache-status: HIT\r\nlast-modified: Mon, 15 Sep 2025 02:04:54 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2B8%2FatElmBWJQLnlCtrF%2Fvz4r%2F4mtcbnhIXgDB3%2BhvKGQdNLmWqw8bzw7TNCzJz0i%2FDKZtYHofl5IqNA9AfLNm3wDhQoojaE%3D\"}]}\r\ncf-ray: 97f4b421e95e56a9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":109819,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"8b9d55a4af1077a11ef179a7fbef88ef","sha1":"96c569fa3f52c3b81a33cd42b9c23fba737f72a3","sha256":"c548281ee18156b66358383e070e1b14ab942bac77ace39abc922186af4839ab","sha512":"4fbf1985ab1dfdcd4ea95c2a4aaf1d5e26cbdf2e5acede073ecc75c352874914df194668131c409d10b68a446a6f9f212d3c6cae1d65778c232b2107fab037e4","ssdeep":"1536:KOtQiEOxh8M3MCBCskobqUY3LghGVHtg7aC7n6wTEjtwO2C:KOtX93Mf3UuQbaC76GEBwO2C","tlshash":"c2b31c9c625734712d7a9129385fc44d6eeaef80048e89e4d0daac732653075d3bbfe8","first_seen":"2025-09-14T07:40:18.844336Z","last_seen":"2025-09-15T02:31:11.812811Z","times_seen":12,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":3,"connect":1,"send":0,"wait":6,"receive":0,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ziggo-gratis.com/favicon.ico","fqdn":"ziggo-gratis.com","domain":"ziggo-gratis.com","tld":"com"},"ip":{"addr":"104.21.64.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:42.763Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ziggo-gratis.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 18 Jul 2025 14:49:53 GMT","end":"Thu, 16 Oct 2025 15:47:08 GMT"},"fingerprint":{"sha1":"B9:95:B4:C1:78:35:44:5E:66:EF:20:BC:C8:58:64:2F:F1:F3:71:69","sha256":"AE:EC:A3:69:91:F9:12:23:B5:B3:8E:D0:60:FA:77:5C:82:7A:E6:E4:04:85:3A:08:9A:DC:80:13:0A:D2:DD:DB"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: ziggo-gratis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/roja12-9/s18.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Mon, 15 Sep 2025 02:30:42 GMT\r\ncontent-type: text/html\r\nvary: accept-encoding\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: BYPASS\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2xBP5vbjvJ6I6eeuxxxFI0UhgffGXG3IlXZYrgVfUdK%2Bn5jLGrhY42aScIgw%2BhDEH5BtVhX8eMnRizU3v3SgsNKS08Kd6LtWfxh%2BhWSV\"}]}\r\ncf-ray: 97f4b4254d6f56af-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1251,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"8150f458ed6fb9b1db4e5cfa57a1a281","sha1":"6e5726854d28687b560d7fdcb5c782c425c7dfb9","sha256":"4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896","sha512":"4cc6a112673aef8bb8bb8a385c26791b805d43bb707b509880e894f1c83bab4e16f13de187036c5f660c3bec1d286258396b7bde65c5d7945c5019665196818c","ssdeep":"","tlshash":"c021353ec1c1560ae0271164fbc1f7a86669825291970f703b9eb176f6cd0bb56a36c8","first_seen":"2024-02-08T16:48:55Z","last_seen":"2026-04-11T13:00:32.631555Z","times_seen":117629,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bb2r.com/apu.php?zoneid=9590485\u0026var=9590469","fqdn":"bb2r.com","domain":"bb2r.com","tld":"com"},"ip":{"addr":"104.18.41.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:42.769Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bb2r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Sep 2025 22:55:22 GMT","end":"Wed, 03 Dec 2025 23:55:16 GMT"},"fingerprint":{"sha1":"1E:29:CA:C1:CD:A1:69:2B:B7:B8:02:B9:52:07:8A:3A:C2:34:CB:A6","sha256":"64:0C:C9:A2:46:B5:A1:1D:3C:81:80:5D:B4:5A:4A:CE:0C:A4:2D:17:29:2E:A2:6A:71:64:D9:9D:C5:BE:22:DC"}}},"request":{"raw":"GET /apu.php?zoneid=9590485\u0026var=9590469 HTTP/1.1\r\nHost: bb2r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: OAID=00824571f65c4b56e88ae6d1dda41223; oaidts=1757903442\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 15 Sep 2025 02:30:42 GMT\r\ncontent-type: application/javascript\r\ncf-ray: 97f4b4254b4e8deb-OSL\r\nx-trace-id: 25836bc730d8594e3e98bb08946c7500\r\nlink: \u003chttps://my.rtmark.net\u003e; rel=\"preconnect dns-prefetch\"\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *, *\r\npragma: no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\nset-cookie: OAID=00824571f65c4b56e88ae6d1dda41223; expires=Tue, 15 Sep 2026 02:30:42 GMT; path=/; secure; SameSite=None\noaidts=1757903442; expires=Tue, 15 Sep 2026 02:30:42 GMT; path=/; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: gzip\r\nvary: accept-encoding\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":114880,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"943964f27b03f21fdc4673ae34f73b01","sha1":"b5a681cf6611e171367515fd0670fa69f32be1e2","sha256":"00c1b6309f742a288d63bcd63b6fb6665912dbdb56a7362d78be5b2dbf466230","sha512":"bc99d5f7bb8c6e237b54d0d0a3fd3a86ae80d78a3e2d9ddb310fef3d93e3611ac13765643ba2ed572522d10a349f489a46d69a9058e2b857f3b9dea6eccc962e","ssdeep":"1536:LOtQiEOxh8M3MCBCskobqUy3LghGVHtg7aC7n6wTEjtwO25H:LOtX93Mf3UAQbaC76GEBwO25H","tlshash":"14b30a9c625234711d7a9129785fc44caeeaef80148e89e4d4daac733653071d3bbfe8","first_seen":"2025-09-15T02:31:11.840303Z","last_seen":"2025-09-15T02:31:11.840303Z","times_seen":1,"resource_available":true,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/disable-devtool@latest/disable-devtool.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jxoxkplay.xyz/premiumtv/bizz-streams2u.php?id=18","date":"2025-09-15T02:30:43.152Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/disable-devtool@latest/disable-devtool.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jxoxkplay.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 15 Sep 2025 02:30:43 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 6646\r\ncf-ray: 97f4b4284b9d56bb-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 0.3.9\r\nx-jsd-version-type: version\r\netag: W/\"4514-YJEJ2C3rDH3T2dISgI3LoFSM49E\"\r\ncontent-encoding: br\r\nx-served-by: cache-fra-etou8220123-FRA, cache-lga21970-LGA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 37193\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=iKKrXwckKzHqXgq2u6n03%2B0p6GR7RD8IjPXLa8cSaR5B528dQ4r0MCVDGhb1GjIqF2NE0yMDuc7%2B9sT7Sp%2BobQ%2FKF1gmcp3siGhmSnGCW%2BpGG1KXIn1%2BVaZzL5N5hs2AxEo%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17684,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (17663)","md5":"7fa174926682313cc5a067077b0bb22d","sha1":"609109d82deb0c7dd3d9d212808dcba0548ce3d1","sha256":"5a7b9b2c807f85575c9ebc1f508e849b53430870b2d0fb6c02b2de3df661cb63","sha512":"83a593d4b8648b78031259becd96b4c33226e9462c2e26013ee0746ff58a7b710159d0d380d001d7740e9485ee346491c16e3fdb0d334f5b6cfabe6f90cda9b6","ssdeep":"192:m+5ekRvDLCpBK+BpP78nPk6O9ShgzsqcSYV0GtI+uwicvsbIUiJE2KmnyKU:mLiPCvRvT8nPk6cSCzsqGVJeZcsb8S9","tlshash":"0582c4ccb48270715b77a9e9507f454ab23aae96888c8040f13ed8e42c7c56ec267f7d","first_seen":"2025-08-02T03:49:54.562881Z","last_seen":"2026-04-11T12:58:00.226142Z","times_seen":3671,"resource_available":true,"data":null}},"time_used":210,"timings":{"blocked":96,"dns":1,"connect":1,"send":0,"wait":11,"receive":0,"ssl":94},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bb2r.com/wrr?z=9590485\u0026p_rid=45064c44-03e2-4d71-b8f5-041a56bcb06e\u0026rb=4clB-2ryDj44bZgU7Wc3yX4PT3sgRAuwhAB5WOcIJXTrpRyVMUWFckJPHcN5B_Voa0wYao9ySen_gn6HMNP3meCeRIkqcApXe9AXW_VK2ZPqmRDyEk7tc7K_nD_UtKJZhJ6rkl5yL2m1GuKfx1uNIV40f2Xq-Vz_ie3i0RDeDGJvAtoqa6_tDMvj8T1Te4j4c56YcBguZg_QO_0gHHO0281dx9YXLWjceicGvVds8rO99fuSd9voP7ORBNkTUEPuc4nk_NCSz0VyFN0cDFznIw==\u0026dmn=bb2r.com\u0026userId=0082456a8c1a49ffef7a8ad5c182f3f2","fqdn":"bb2r.com","domain":"bb2r.com","tld":"com"},"ip":{"addr":"104.18.41.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:45.314Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bb2r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Sep 2025 22:55:22 GMT","end":"Wed, 03 Dec 2025 23:55:16 GMT"},"fingerprint":{"sha1":"1E:29:CA:C1:CD:A1:69:2B:B7:B8:02:B9:52:07:8A:3A:C2:34:CB:A6","sha256":"64:0C:C9:A2:46:B5:A1:1D:3C:81:80:5D:B4:5A:4A:CE:0C:A4:2D:17:29:2E:A2:6A:71:64:D9:9D:C5:BE:22:DC"}}},"request":{"raw":"OPTIONS /wrr?z=9590485\u0026p_rid=45064c44-03e2-4d71-b8f5-041a56bcb06e\u0026rb=4clB-2ryDj44bZgU7Wc3yX4PT3sgRAuwhAB5WOcIJXTrpRyVMUWFckJPHcN5B_Voa0wYao9ySen_gn6HMNP3meCeRIkqcApXe9AXW_VK2ZPqmRDyEk7tc7K_nD_UtKJZhJ6rkl5yL2m1GuKfx1uNIV40f2Xq-Vz_ie3i0RDeDGJvAtoqa6_tDMvj8T1Te4j4c56YcBguZg_QO_0gHHO0281dx9YXLWjceicGvVds8rO99fuSd9voP7ORBNkTUEPuc4nk_NCSz0VyFN0cDFznIw==\u0026dmn=bb2r.com\u0026userId=0082456a8c1a49ffef7a8ad5c182f3f2 HTTP/1.1\r\nHost: bb2r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://ziggo-gratis.com/\r\nOrigin: https://ziggo-gratis.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 204 No Content\r\ndate: Mon, 15 Sep 2025 02:30:45 GMT\r\ncf-ray: 97f4b4353b038deb-OSL\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: https://ziggo-gratis.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *, *\r\npragma: no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T12:55:49.320816Z","times_seen":13621212,"resource_available":true,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/impr.gif?sid=H4sIAAAAAAAC_1RSz2skRRSunix48CC64mUR5rAHF5xJ93TPj3YPy667kcU1CflBDiJSXVU9KdPd1VZ1T0_mFAzIHsebx843yQbXZV3_AEEmAQ8BwfEgOWwQvHsR9igyk2jWd3g_6ntVfO-r9-VefkZc5PR0-SM1kFFE55t1u_rOhky4Kkx1ca3q2HX7ZnVDJi3vZrU_dbr3nuN6dftG9QPBttR8w3Zs27Gd6oLUIlT9-RkKmT7xnbpv171G3Wl66Ov_1ya3YKgF3jsjb0DyyWt_hB9DsjGS-NldYbYylb57L84jmimNHj9cT7YSVSSIL9NQWwiTw4tuKDMh5OsKVHJ4MQFUb386AQI5IZW3niNIDi9oIugdnDMNIogEAX8VRW8MEY0h6RhM7ULyXwjAOBaXkMSPFpUu6PY5SqfohFx58RdkMSFXnr-JJH56J5L96qqK8kyqxKAflpD9MWR3jDQ_QjaoQBZHYNkXkPxnMv_iAZJ4f8lECpKfXg_sjs1s0a5Rzls1z-F-ze_YvOa2On5D-M228DsziWQ4BjVzyE0FuawgDy3kqYWYn1Y9u-Mxh7qt0OesbXvU87gIbL_TsG3qszZyNuU-RJYOwaIhmN5BqnewJYfQ-Y8wmyUMt2Aygh4vUQiCwhAUlKCQBEVGUPTKAx6Zhikf8cjkgXMRGxfRLUcq6-4FByrriqQOqofQvNyX6edmFyybGw1Cw0dq6miQfbdw7_ba-sq91VrDbfufOiMa8HIvPSOvT1W2cOtvbInTKmU2DVnQcD3Xb7baHgt91ul4zVZbNF0_8GFkCWkqoMbCQE7I4rXHSOWE3FDHCOgRTHQEJq-C5m-DFiXoZolB8mwgu11V62qaSVNnKgZXJdLsCrJtay86I9dmf_1JeQzBTm79TmYGpkukusRn8pigGz0craiC7K-owpDvl9JMxnJAp3uwmtFMzD3-UGwXSvP7d83wm9tsCkzTJ2vCZA9owmXSNeTbO5JzoReUZoL8cN9siGA5N5t3cp3k6YPl9xfux6kWxkiVjEHlhJDfroPJCbn6dG22481X_oTUY-i8RJyfEPIv13QHJr3kbhSBji7xILVQ5OVIN4L_Dkc6CC87IkkQicuaBiXMS3UgXrpIp09RWe6Zh-hqCzTbRRKX6OkSvagEjYYw-dwoS_XJrV_dmSGIrFEQaWs_iHT01bneRp5WQ1c0mG132i3H7YTCcT3OwmbH83mL2q4rkJnJ5k-D9X8CAAD__07RiUDOBAAA","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:46.344Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RSz2skRRSunix48CC64mUR5rAHF5xJ93TPj3YPy667kcU1CflBDiJSXVU9KdPd1VZ1T0_mFAzIHsebx843yQbXZV3_AEEmAQ8BwfEgOWwQvHsR9igyk2jWd3g_6ntVfO-r9-VefkZc5PR0-SM1kFFE55t1u_rOhky4Kkx1ca3q2HX7ZnVDJi3vZrU_dbr3nuN6dftG9QPBttR8w3Zs27Gd6oLUIlT9-RkKmT7xnbpv171G3Wl66Ov_1ya3YKgF3jsjb0DyyWt_hB9DsjGS-NldYbYylb57L84jmimNHj9cT7YSVSSIL9NQWwiTw4tuKDMh5OsKVHJ4MQFUb386AQI5IZW3niNIDi9oIugdnDMNIogEAX8VRW8MEY0h6RhM7ULyXwjAOBaXkMSPFpUu6PY5SqfohFx58RdkMSFXnr-JJH56J5L96qqK8kyqxKAflpD9MWR3jDQ_QjaoQBZHYNkXkPxnMv_iAZJ4f8lECpKfXg_sjs1s0a5Rzls1z-F-ze_YvOa2On5D-M228DsziWQ4BjVzyE0FuawgDy3kqYWYn1Y9u-Mxh7qt0OesbXvU87gIbL_TsG3qszZyNuU-RJYOwaIhmN5BqnewJYfQ-Y8wmyUMt2Aygh4vUQiCwhAUlKCQBEVGUPTKAx6Zhikf8cjkgXMRGxfRLUcq6-4FByrriqQOqofQvNyX6edmFyybGw1Cw0dq6miQfbdw7_ba-sq91VrDbfufOiMa8HIvPSOvT1W2cOtvbInTKmU2DVnQcD3Xb7baHgt91ul4zVZbNF0_8GFkCWkqoMbCQE7I4rXHSOWE3FDHCOgRTHQEJq-C5m-DFiXoZolB8mwgu11V62qaSVNnKgZXJdLsCrJtay86I9dmf_1JeQzBTm79TmYGpkukusRn8pigGz0craiC7K-owpDvl9JMxnJAp3uwmtFMzD3-UGwXSvP7d83wm9tsCkzTJ2vCZA9owmXSNeTbO5JzoReUZoL8cN9siGA5N5t3cp3k6YPl9xfux6kWxkiVjEHlhJDfroPJCbn6dG22481X_oTUY-i8RJyfEPIv13QHJr3kbhSBji7xILVQ5OVIN4L_Dkc6CC87IkkQicuaBiXMS3UgXrpIp09RWe6Zh-hqCzTbRRKX6OkSvagEjYYw-dwoS_XJrV_dmSGIrFEQaWs_iHT01bneRp5WQ1c0mG132i3H7YTCcT3OwmbH83mL2q4rkJnJ5k-D9X8CAAD__07RiUDOBAAA HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nCookie: uid_id2=b080c0e7-add6-41d9-980d-36892e957e98:3:2; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27410430=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Mon, 15 Sep 2025 02:30:46 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nSet-Cookie: iprc_l+e42ccd946dafad5d39764d610fffda46=6136004; expires=Tue, 16 Sep 2025 02:30:46 GMT; path=/; secure; SameSite=None\niprc_l:6136004=3; expires=Tue, 16 Sep 2025 02:30:46 GMT; path=/; secure; SameSite=None\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 0fe20d875f69805bb4ca0400cde920ef\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T12:55:49.320816Z","times_seen":13621212,"resource_available":true,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=1669\u0026rd=1669\u0026fd=554\u0026bv=25.8.6603\u0026tmpl=70","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:42.242Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=1669\u0026rd=1669\u0026fd=554\u0026bv=25.8.6603\u0026tmpl=70 HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Mon, 15 Sep 2025 02:30:42 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T12:55:49.320816Z","times_seen":13621212,"resource_available":true,"data":null}},"time_used":384,"timings":{"blocked":-1,"dns":3,"connect":92,"send":0,"wait":94,"receive":0,"ssl":195},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weirdopt.com/ad/advertisers.js","fqdn":"weirdopt.com","domain":"weirdopt.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:42.287Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"weirdopt.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:07:02 GMT","end":"Sat, 29 Nov 2025 00:07:01 GMT"},"fingerprint":{"sha1":"AD:4F:15:9E:60:62:A7:16:BA:4B:37:64:C6:01:6B:2B:99:47:89:BE","sha256":"44:74:EA:98:35:48:9C:28:63:20:61:17:18:F6:2B:0A:57:68:36:F4:EF:B0:67:1E:C0:7C:41:30:13:2C:02:F1"}}},"request":{"raw":"GET /ad/advertisers.js HTTP/1.1\r\nHost: weirdopt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 15 Sep 2025 02:30:42 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 0\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 4ae2da01209544bcce4c6b99b74e990a\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T12:55:49.320816Z","times_seen":13621212,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":17,"send":0,"wait":24,"receive":0,"ssl":54},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-15","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bb2r.com/wrr?z=9590480\u0026p_rid=7cbc7a61-956d-4d6b-ad75-4547595ae2f5\u0026rb=C3JVw0Iv2hj50UcfSoxzSGvTiYZwsPONtqzX7ctJeax_6umocl5NRUC8h4ZUXTWzya2VhYezJEs3cPK697zMflRcUuT9Ec6Wvb5RWGyBQFrP9vTF5Hv-2PX9jxpQTTNX2VxCP3YghQLV6xsbGOyB8WGpsHAUmQE2Cq1HqeVcfu2EJyFjTCXtUfhMD_JesJD35xengwAFDTo8Je41pnYAAjrwFHB8Wf0AbKU-XS9gBIytR6Sr8UPqQslLhKmAxlWohigiArBycMzFnA1OfnZHlQ==\u0026dmn=bb2r.com\u0026userId=0082456a8c1a49ffef7a8ad5c182f3f2","fqdn":"bb2r.com","domain":"bb2r.com","tld":"com"},"ip":{"addr":"104.18.41.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:44.043Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bb2r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Sep 2025 22:55:22 GMT","end":"Wed, 03 Dec 2025 23:55:16 GMT"},"fingerprint":{"sha1":"1E:29:CA:C1:CD:A1:69:2B:B7:B8:02:B9:52:07:8A:3A:C2:34:CB:A6","sha256":"64:0C:C9:A2:46:B5:A1:1D:3C:81:80:5D:B4:5A:4A:CE:0C:A4:2D:17:29:2E:A2:6A:71:64:D9:9D:C5:BE:22:DC"}}},"request":{"raw":"OPTIONS /wrr?z=9590480\u0026p_rid=7cbc7a61-956d-4d6b-ad75-4547595ae2f5\u0026rb=C3JVw0Iv2hj50UcfSoxzSGvTiYZwsPONtqzX7ctJeax_6umocl5NRUC8h4ZUXTWzya2VhYezJEs3cPK697zMflRcUuT9Ec6Wvb5RWGyBQFrP9vTF5Hv-2PX9jxpQTTNX2VxCP3YghQLV6xsbGOyB8WGpsHAUmQE2Cq1HqeVcfu2EJyFjTCXtUfhMD_JesJD35xengwAFDTo8Je41pnYAAjrwFHB8Wf0AbKU-XS9gBIytR6Sr8UPqQslLhKmAxlWohigiArBycMzFnA1OfnZHlQ==\u0026dmn=bb2r.com\u0026userId=0082456a8c1a49ffef7a8ad5c182f3f2 HTTP/1.1\r\nHost: bb2r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://ziggo-gratis.com/\r\nOrigin: https://ziggo-gratis.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 204 No Content\r\ndate: Mon, 15 Sep 2025 02:30:44 GMT\r\ncf-ray: 97f4b42d2efe8deb-OSL\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: https://ziggo-gratis.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *, *\r\npragma: no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T12:55:49.320816Z","times_seen":13621212,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"upload.wikimedia.org/wikipedia/commons/2/21/Speaker_Icon.svg","fqdn":"upload.wikimedia.org","domain":"wikimedia.org","tld":"org"},"ip":{"addr":"185.15.59.240","port":443,"asn":14907,"as":"WIKIMEDIA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jxoxkplay.xyz/premiumtv/bizz-streams2u.php?id=18","date":"2025-09-15T02:30:43.164Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.wikimedia.org","organization":""},"issuer":{"commonName":"E5","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 Aug 2025 07:58:25 GMT","end":"Fri, 14 Nov 2025 07:58:24 GMT"},"fingerprint":{"sha1":"00:6B:23:79:C6:3F:3F:33:1C:96:A8:58:E3:42:75:58:02:2B:84:D3","sha256":"AC:53:65:9E:C2:DF:AA:6F:9B:55:55:44:CF:4E:94:5A:41:C1:12:6D:4F:EA:F3:3D:EB:5E:40:17:00:3A:2E:26"}}},"request":{"raw":"GET /wikipedia/commons/2/21/Speaker_Icon.svg HTTP/1.1\r\nHost: upload.wikimedia.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jxoxkplay.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 14 Sep 2025 13:12:47 GMT\r\nserver: ATS/9.2.11\r\netag: W/1e965f9ca6bac55c4bfece8dabe6fa47\r\ncontent-type: image/svg+xml\r\nx-object-meta-sha1base36: rcosig5pk1fefnugtbiewl19zhtt86j\r\nlast-modified: Wed, 28 Aug 2019 18:11:18 GMT\r\ncontent-encoding: gzip\r\nage: 47875\r\naccept-ranges: bytes\r\nx-cache: cp3076 hit, cp3076 hit/40156\r\nx-cache-status: hit-front\r\nserver-timing: cache;desc=\"hit-front\", host;desc=\"cp3076\"\r\nstrict-transport-security: max-age=106384710; includeSubDomains; preload\r\nreport-to: { \"group\": \"wm_nel\", \"max_age\": 604800, \"endpoints\": [{ \"url\": \"https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error\u0026schema_uri=/w3c/reportingapi/network_error/1.0.0\" }] }\r\nnel: { \"report_to\": \"wm_nel\", \"max_age\": 604800, \"failure_fraction\": 0.05, \"success_fraction\": 0.0}\r\nx-client-ip: 91.90.42.154\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache\r\ntiming-allow-origin: *\r\nset-cookie: WMF-Uniq=XvjgE_WOtONH45OQd9gZgwJvAAAAAFvdG9KW4bxnUh8S2l4OJ0-qRraBJ0CPDeD7;Domain=upload.wikimedia.org;Path=/;HttpOnly;secure;SameSite=None;Expires=Tue, 15 Sep 2026 00:00:00 GMT\r\ncontent-length: 328\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache Traffic Server:9.2.11","description":"Apache Traffic Server is an open-source caching and proxying server that serves as an HTTP/1.1 and HTTP/2 reverse proxy with caching capabilities, load balancing, request routing, SSL termination, and support for advanced HTTP features.","website":"https://trafficserver.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*","icon":"Apache Traffic Server.svg","categories":["Web servers"]}],"data":{"size":514,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1e965f9ca6bac55c4bfece8dabe6fa47","sha1":"ea28e0f6d1a42bd7f2ab416bcf2a9fd0dde55fab","sha256":"70e589ae4b79586ddd4eadd1ac8b501d64ab0433c2038c92e945fbb6195ad7a9","sha512":"ac5cba3ff4bd990c24695203c88c8b444051059398c8d7b53c8dd87bbe4d2693000a2b2e502bcfc0dee7b745b01a580c9dba3cf362337003626f9e18394fed75","ssdeep":"","tlshash":"53f0591d83865c3ea0628b148750f90963bb5552a672f394cebd1b7325171d450bbaec","first_seen":"2024-06-21T01:55:05Z","last_seen":"2026-04-08T16:06:31.59257Z","times_seen":1025,"resource_available":false,"data":null}},"time_used":200,"timings":{"blocked":86,"dns":38,"connect":19,"send":0,"wait":19,"receive":0,"ssl":35},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/pixel/pure","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:43.362Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"OPTIONS /pixel/pure HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://ziggo-gratis.com/\r\nOrigin: https://ziggo-gratis.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/1.1 204 No Content\r\nServer: nginx/1.19.5\r\nDate: Mon, 15 Sep 2025 02:30:43 GMT\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Max-Age: 1728000\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T12:55:49.320816Z","times_seen":13621212,"resource_available":true,"data":null}},"time_used":722,"timings":{"blocked":309,"dns":1,"connect":92,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/watch.1483060892851.js?key=3aee509c2c8c8b02c504f8f11f6c6921\u0026kw=%5B%5D\u0026refer=https%3A%2F%2Fziggo-gratis.com%2Froja12-9%2Fs18.php\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=ed630e7f-f115-4404-97ba-461d232c1c94%3A3%3A1","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:43.414Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /watch.1483060892851.js?key=3aee509c2c8c8b02c504f8f11f6c6921\u0026kw=%5B%5D\u0026refer=https%3A%2F%2Fziggo-gratis.com%2Froja12-9%2Fs18.php\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=ed630e7f-f115-4404-97ba-461d232c1c94%3A3%3A1 HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://ziggo-gratis.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.19.5\r\nDate: Mon, 15 Sep 2025 02:30:43 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://ziggo-gratis.com\r\nAccess-Control-Allow-Credentials: true\r\nLocation: https://torchfriendlypay.com/watch.1483060892851.js?dev=e\u0026key=3aee509c2c8c8b02c504f8f11f6c6921\u0026kw=%5B%5D\u0026pst=1757903503\u0026rb=\u0026refer=https%3A%2F%2Fziggo-gratis.com%2Froja12-9%2Fs18.php\u0026res=14.3095\u0026rmtc=t\u0026shu=fff9641e205ca7b98e7966f0fad466f81822c149f7b77a7ea033087dbe985626e5f58f65ca0d30ab1b02583abb247814ed2d0585f48c2f65e8ef9ba2dc31f5d2d7663085fb3a066b0807bf94f7646c119ed37bd140a3192948e127\u0026tz=0\u0026uuid=ed630e7f-f115-4404-97ba-461d232c1c94%3A3%3A1\r\nSet-Cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNzEwMDI2MywiayI6IjNhZWU1MDljMmM4YzhiMDJjNTA0ZjhmMTFmNmM2OTIxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo1MTE4ODkwLCJwaWQiOjI3MTU1ODgsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTksImFpZCI6NSwicHQiOjQsInBrIjoibTI4cjdhazd3IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3ppZ2dvLWdyYXRpcy5jb20vcm9qYTEyLTkvczE4LnBocCIsImFyIjpbXX19.5HDoNKHczEYcbMDCLRJPiHKja4Qk2qnmH5ecKRkMJ_8; expires=Mon, 15 Sep 2025 02:31:43 GMT; path=/; secure; SameSite=None\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 8d0079f51dac5a5146a6b139b4c80dcb\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4888,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T12:55:49.320816Z","times_seen":13621212,"resource_available":true,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aqle3.com/btag.min.js","fqdn":"aqle3.com","domain":"aqle3.com","tld":"com"},"ip":{"addr":"139.45.197.247","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:41.553Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aqle3.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 Aug 2025 05:14:40 GMT","end":"Fri, 31 Oct 2025 05:14:39 GMT"},"fingerprint":{"sha1":"B5:AF:31:69:6A:17:9F:07:AB:25:8D:39:30:58:25:73:03:BA:1C:5C","sha256":"4C:E8:A7:A1:D3:5F:96:81:0B:BA:76:E1:51:5D:37:28:95:43:CA:8A:9B:79:C9:D9:5C:85:67:80:87:A9:E9:84"}}},"request":{"raw":"GET /btag.min.js HTTP/1.1\r\nHost: aqle3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 15 Sep 2025 02:30:41 GMT\r\ncontent-type: application/javascript\r\nx-trace-id: d355500ab38f4e3d21fd23f85ee29f6b\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\npragma: no-cache\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *, *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6301,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5952)","md5":"17ea1002d3cdc2a66b35ef893e72f6d1","sha1":"8f973a53a336bb7c15bc385a201af1fba8578af4","sha256":"76b71ec9dace7756039ed4466f8863e27b302530a2283cf5260bb3bc39fe9c7a","sha512":"46b7b31498222c8fb106040df871cc857888620959c219cc2ec7f66250d71c34680d43de3af8858566132a42e1722f2afc828a196a600f74e7a3d08515a0af61","ssdeep":"192:6KfsrGxbTmXnk85/ZgrqXRoJYAF0F2cKI6cU254PD:1KGxnmXnj1X+JYAF0F2cKI6cU2+PD","tlshash":"12d1d83e3bb42175b18c068d347f6b68fb6ab52467124c74b24cedfa6310c9264ba536","first_seen":"2025-07-31T19:55:30.99116Z","last_seen":"2025-11-25T08:25:16.302375Z","times_seen":255,"resource_available":true,"data":null}},"time_used":290,"timings":{"blocked":128,"dns":42,"connect":27,"send":0,"wait":30,"receive":0,"ssl":61},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pl27200752.revenuecpmgate.com/1f/f0/9b/1ff09b7e889907be3339c33a3eb5f1f1.js","fqdn":"pl27200752.revenuecpmgate.com","domain":"revenuecpmgate.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:41.560Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"revenuecpmgate.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 Aug 2025 10:31:51 GMT","end":"Thu, 27 Nov 2025 10:31:50 GMT"},"fingerprint":{"sha1":"9B:93:AB:0D:BE:A3:40:A9:58:BE:A3:A6:F2:18:92:29:E2:1A:7C:32","sha256":"3D:E6:EC:90:1B:27:54:04:90:26:18:BF:8B:27:48:04:F0:C5:14:27:1A:9A:E4:4E:F5:34:6A:12:D9:06:9D:41"}}},"request":{"raw":"GET /1f/f0/9b/1ff09b7e889907be3339c33a3eb5f1f1.js HTTP/1.1\r\nHost: pl27200752.revenuecpmgate.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 15 Sep 2025 02:30:41 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 39509\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: pl27200752.revenuecpmgate.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 20be1356a40dce9453dc437005aec1ee\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":110144,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"be3db27d4e887d6e7bfc3aa4e77f8361","sha1":"bdfff07741d4f42245c07bb93447e16ed6ca45ac","sha256":"545f505199d3913209372d239d4cfa8b4e7d547358af16ee6d7374bd65b49551","sha512":"3b36aeb88d9ad6cda9d2a59f0737ae15bb6f5011cf4780d4adfdd31612e78682b1986c80999a277f4c94a16d617598d87e5956775e0c35dcd76ea59fca985937","ssdeep":"1536:x8FO2Og6h8Z1zbcz7eg3Z+FhVO1TOCo8PkiYYo170BUEtlIJk73I:TD8vCGVIl+R3Etl2","tlshash":"dfb3b7887f80f56c115630b2232fa05af2e91e41a8ccd548f557fde92a2d377b439a78","first_seen":"2025-09-13T22:45:24.344071Z","last_seen":"2025-09-15T02:31:11.845671Z","times_seen":2,"resource_available":true,"data":null}},"time_used":823,"timings":{"blocked":309,"dns":26,"connect":92,"send":0,"wait":99,"receive":98,"ssl":196},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"pl27200752.revenuecpmgate.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:42.188Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 15 Sep 2025 02:30:42 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 2570\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: cc7dca2a28849e3967662c6baca3bad8\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5080,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5080), with no line terminators","md5":"a524ecfbd97124fd2e9c3f6ad371ca23","sha1":"a281b89a51cfe367f92816be50eba55ccc0eaee6","sha256":"5549a01f3d1c788c8e44dc8a54e5c9103880b5608d3b44e0a0ea4ebd124dc18f","sha512":"dbfa06ea3faf0b6451668b8634e61e52c71ac098f26b08551cac54344128a205b2378e56953102dda758aa63fab8ed1e22c3a74eda39a154caff8f2b6b3bdee5","ssdeep":"96:WhmlSzNzYF4RWz3qVeBYJ2gzAKAYaR/tCP/KZhWAEGo:SmAz+60BSF81RM3KZoGo","tlshash":"b1a1618e3f81b4ac069270372f3f6e0ef13a5c55195ad4d8d202a0a47f28a39d4b6b55","first_seen":"2025-08-06T23:31:31.906679Z","last_seen":"2025-09-26T10:32:45.122277Z","times_seen":4581,"resource_available":true,"data":null}},"time_used":703,"timings":{"blocked":304,"dns":25,"connect":91,"send":0,"wait":93,"receive":1,"ssl":185},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ziggo-gratis.com/embeds/s18.php","fqdn":"ziggo-gratis.com","domain":"ziggo-gratis.com","tld":"com"},"ip":{"addr":"104.21.64.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:42.191Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ziggo-gratis.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 18 Jul 2025 14:49:53 GMT","end":"Thu, 16 Oct 2025 15:47:08 GMT"},"fingerprint":{"sha1":"B9:95:B4:C1:78:35:44:5E:66:EF:20:BC:C8:58:64:2F:F1:F3:71:69","sha256":"AE:EC:A3:69:91:F9:12:23:B5:B3:8E:D0:60:FA:77:5C:82:7A:E6:E4:04:85:3A:08:9A:DC:80:13:0A:D2:DD:DB"}}},"request":{"raw":"GET /embeds/s18.php HTTP/1.1\r\nHost: ziggo-gratis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/roja12-9/s18.php\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 15 Sep 2025 02:30:42 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Y1o01ZVxq0rhbPiIkc%2FGfTUs9hZNck2py7sl1GiZvtW%2FEslSk54L26Y9EgjsKKp8TEMrbFOC%2B3onbaC2PwNRgAbAcbSLfHVGwlOA4K0n\"}]}\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 97f4b421ad6656af-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":154,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"9b93c369f95c2924dfe512e3cc14cc04","sha1":"024754614c460a48a672f676d4001a612badd9b5","sha256":"19202d0a628993aef5959f8903e520acc45331cc7b61b6967f34ae7782d8f039","sha512":"9314e8747f9b39301e9389fca88bc1b096c95baf0777c35883d70f85c6ac502c660810ccfd8b81afe8e2504c705c7fb25b10a744953942389fc9576fabf234eb","ssdeep":"","tlshash":"f2c02ba3d3842008542057cd72d0a85d57f3bd8bb2908b5138e430101509ce63da275c","first_seen":"2025-09-15T02:31:11.851184Z","last_seen":"2025-10-12T18:48:40.806223Z","times_seen":2,"resource_available":false,"data":null}},"time_used":117,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":117,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ziggogratis.shop/embed/stream-18.php","fqdn":"ziggogratis.shop","domain":"ziggogratis.shop","tld":"shop"},"ip":{"addr":"104.21.80.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://ziggo-gratis.com/embeds/s18.php","date":"2025-09-15T02:30:42.563Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ziggogratis.shop","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 26 Jul 2025 13:52:01 GMT","end":"Fri, 24 Oct 2025 14:50:46 GMT"},"fingerprint":{"sha1":"F6:D2:0B:7D:2C:B0:93:16:A1:31:8C:8F:52:55:AC:3B:B1:93:2E:45","sha256":"C8:7F:35:83:2F:F3:1F:45:95:94:1E:81:0A:FD:CC:3F:0E:73:2E:B5:FB:BA:5F:4D:45:50:70:D6:6A:C2:BE:12"}}},"request":{"raw":"GET /embed/stream-18.php HTTP/1.1\r\nHost: ziggogratis.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 15 Sep 2025 02:30:42 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\naccess-control-allow-origin: https://ziggo-gratis.com\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization\r\naccess-control-allow-credentials: true\r\ncontent-security-policy: frame-ancestors 'self' http://ziggo-gratis.com https://ziggo-gratis.com\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer-when-downgrade\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9VVzKt1nVG9gDs7ArB1enWkiCykn5tqbyuLqA2rfftMUbL%2FnVTBOPzgeGI62RSaEvYbdU3qLtwz0TX7k%2F2m7LCnZEqS8WrdQNtUR8wmFpYQ%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 97f4b4244ab00731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":790,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"c434835e5b4820afee9a81f160237944","sha1":"82b74b357f3bf211af47904aa22be85f63ec0190","sha256":"214264ede4a925c6929393f880a46e7f2c46fa878dde9db0d96b3e11337ac8cc","sha512":"d8bb98a1e5bf5c3f6075543dc0587dec95de8fc1c38abad7f9bf13d15b67283e851286b3628e713a89140cf42e091abcc564973b566ee98925166c403381badf","ssdeep":"","tlshash":"b1012573fc00532908344178b0f0f25c0aa77915f5119880f09dd4fa6bd4fd58c9766d","first_seen":"2025-09-15T02:31:11.853745Z","last_seen":"2025-09-15T02:31:11.853745Z","times_seen":1,"resource_available":false,"data":null}},"time_used":189,"timings":{"blocked":38,"dns":22,"connect":1,"send":0,"wait":109,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/pixel/pure","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:43.444Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"OPTIONS /pixel/pure HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://ziggo-gratis.com/\r\nOrigin: https://ziggo-gratis.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/1.1 204 No Content\r\nServer: nginx/1.19.5\r\nDate: Mon, 15 Sep 2025 02:30:43 GMT\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Max-Age: 1728000\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T12:55:49.320816Z","times_seen":13621212,"resource_available":true,"data":null}},"time_used":593,"timings":{"blocked":195,"dns":1,"connect":96,"send":0,"wait":99,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"amt3.com/5/9295934/?oo=1\u0026js_build=iclick-v1.1570.0\u0026userId=0082456a8c1a49ffef7a8ad5c182f3f2\u0026dmn=bvtpk.com\u0026tt=2\u0026ix=1","fqdn":"amt3.com","domain":"amt3.com","tld":"com"},"ip":{"addr":"139.45.195.9","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ziggogratis.shop/embed/stream-18.php","date":"2025-09-15T02:30:43.527Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"amt3.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Fri, 11 Jul 2025 05:21:33 GMT","end":"Thu, 09 Oct 2025 05:21:32 GMT"},"fingerprint":{"sha1":"4F:52:B5:E1:62:6B:8E:6A:12:14:9C:87:72:1B:0C:49:B6:1B:B3:DD","sha256":"60:A1:B7:F3:D5:3A:87:F3:6A:F6:90:C5:70:D6:FD:50:C1:44:A8:9F:C9:62:EA:57:E1:E2:29:B4:19:91:E9:F5"}}},"request":{"raw":"POST /5/9295934/?oo=1\u0026js_build=iclick-v1.1570.0\u0026userId=0082456a8c1a49ffef7a8ad5c182f3f2\u0026dmn=bvtpk.com\u0026tt=2\u0026ix=1 HTTP/1.1\r\nHost: amt3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 2669\r\nOrigin: https://ziggogratis.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggogratis.shop/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx\r\ndate: Mon, 15 Sep 2025 02:30:43 GMT\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: https://ziggogratis.shop\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\npragma: no-cache, no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T12:55:49.320816Z","times_seen":13621212,"resource_available":true,"data":null}},"time_used":420,"timings":{"blocked":190,"dns":87,"connect":26,"send":0,"wait":35,"receive":0,"ssl":79},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/watch.1483060892851.js?dev=e\u0026key=3aee509c2c8c8b02c504f8f11f6c6921\u0026kw=%5B%5D\u0026pst=1757903503\u0026rb=\u0026refer=https%3A%2F%2Fziggo-gratis.com%2Froja12-9%2Fs18.php\u0026res=14.3095\u0026rmtc=t\u0026shu=fff9641e205ca7b98e7966f0fad466f81822c149f7b77a7ea033087dbe985626e5f58f65ca0d30ab1b02583abb247814ed2d0585f48c2f65e8ef9ba2dc31f5d2d7663085fb3a066b0807bf94f7646c119ed37bd140a3192948e127\u0026tz=0\u0026uuid=ed630e7f-f115-4404-97ba-461d232c1c94%3A3%3A1","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:43.718Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /watch.1483060892851.js?dev=e\u0026key=3aee509c2c8c8b02c504f8f11f6c6921\u0026kw=%5B%5D\u0026pst=1757903503\u0026rb=\u0026refer=https%3A%2F%2Fziggo-gratis.com%2Froja12-9%2Fs18.php\u0026res=14.3095\u0026rmtc=t\u0026shu=fff9641e205ca7b98e7966f0fad466f81822c149f7b77a7ea033087dbe985626e5f58f65ca0d30ab1b02583abb247814ed2d0585f48c2f65e8ef9ba2dc31f5d2d7663085fb3a066b0807bf94f7646c119ed37bd140a3192948e127\u0026tz=0\u0026uuid=ed630e7f-f115-4404-97ba-461d232c1c94%3A3%3A1 HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://ziggo-gratis.com\r\nReferer: https://ziggo-gratis.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNzEwMDI2MywiayI6IjNhZWU1MDljMmM4YzhiMDJjNTA0ZjhmMTFmNmM2OTIxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo1MTE4ODkwLCJwaWQiOjI3MTU1ODgsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTksImFpZCI6NSwicHQiOjQsInBrIjoibTI4cjdhazd3IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3ppZ2dvLWdyYXRpcy5jb20vcm9qYTEyLTkvczE4LnBocCIsImFyIjpbXX19.5HDoNKHczEYcbMDCLRJPiHKja4Qk2qnmH5ecKRkMJ_8\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Mon, 15 Sep 2025 02:30:43 GMT\r\nContent-Type: text/html\r\nContent-Length: 3298\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://ziggo-gratis.com\r\nAccess-Control-Allow-Credentials: true\r\nVary: Accept-Encoding\r\nSet-Cookie: uid_id2=ed630e7f-f115-4404-97ba-461d232c1c94:3:1; expires=Mon, 22 Sep 2025 02:30:43 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Tue, 16 Sep 2025 02:30:43 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Tue, 16 Sep 2025 02:30:43 GMT; path=/; secure; SameSite=None\npdhtkv5=true; expires=Tue, 16 Sep 2025 02:30:43 GMT; path=/; secure; SameSite=None\nuncs5=1; expires=Tue, 16 Sep 2025 02:30:43 GMT; path=/; secure; SameSite=None\nu_pl27100263=1; expires=Tue, 16 Sep 2025 02:30:43 GMT; path=/; secure; SameSite=None\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 11757d2678a96d7e780525b7657d0e76\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4888,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (4012)","md5":"c526bca1731c47d27b3e706606b86b6f","sha1":"8eb0aa1448abaa63ffdbf9255f51684ce7895641","sha256":"2c667c89ec2ff58b91173605ff536cdd57190b2c572fe23c3b35e6fefc192f3c","sha512":"9110d1ba26e4c0a2836786c19666dc60dc8142e97ada4ef02b459a523dc7039f8088eadf16da9fca73d9ddafca6fd84c2ca20fbb7da22a3f4762efdb4dee9b02","ssdeep":"96:Foz+wSjgyJhHtP2Uj1b9fVIQtviyp/f1/DKCfMEDaH:yzmjbH4U5ZVIQ1iypFbKCkCaH","tlshash":"b4a1283a1e856164051a207f1aa6611c39a1d00f7e42ed06fe4cfb105b287e48ebed98","first_seen":"2025-09-15T02:31:11.855793Z","last_seen":"2025-09-15T02:31:11.855793Z","times_seen":1,"resource_available":false,"data":null}},"time_used":149,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":148,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/pixel/pure","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:43.870Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"POST /pixel/pure HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 73\r\nOrigin: https://ziggo-gratis.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Mon, 15 Sep 2025 02:30:43 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T12:55:49.320816Z","times_seen":13621212,"resource_available":true,"data":null}},"time_used":486,"timings":{"blocked":-1,"dns":1,"connect":93,"send":0,"wait":100,"receive":0,"ssl":218},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/pixel/sbs?c=1","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:46.346Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /pixel/sbs?c=1 HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nCookie: uid_id2=b080c0e7-add6-41d9-980d-36892e957e98:3:2; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27410430=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 15 Sep 2025 02:30:46 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T12:55:49.320816Z","times_seen":13621212,"resource_available":true,"data":null}},"time_used":111,"timings":{"blocked":5,"dns":0,"connect":0,"send":0,"wait":106,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fcenter_banner%2F2%2Fcss%2Fanimate.css\u0026l=78693\u0026fd=87","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:45.969Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fcenter_banner%2F2%2Fcss%2Fanimate.css\u0026l=78693\u0026fd=87 HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nCookie: uid_id2=b080c0e7-add6-41d9-980d-36892e957e98:3:2; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27410430=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Mon, 15 Sep 2025 02:30:46 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T12:55:49.320816Z","times_seen":13621212,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/center_banner/2/js/script.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.112.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:46.019Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/interstitial/center_banner/2/js/script.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://ziggo-gratis.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 15 Sep 2025 02:30:46 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=O8PMfTXFLeqFkuvOyX6KOMKgMd91yrBT%2BWFfRGMtNEETlQju8ONlbcQBlVILPy3ClNlSxBzTw3ptV2aC5MCeXiwpJcW%2BpBxo6QbY1CeOKuM%3D\"}]}\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 216784\r\ncf-cache-status: HIT\r\netag: W/\"65aa8501-3cf\"\r\ncf-ray: 97f4b439aa700731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":975,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"bfd47b5dfff6e6feac7624980fe9f680","sha1":"b437c81b3addc9d7154b96f495b2eb82148e5101","sha256":"b53d941e5ec9ce3482ce722008c8dfdae35f630aa4a7cb7c4bdd0e7342fc63fb","sha512":"edbc2509ebf5b53042d1219d29ae84b0c5c8556a9aa8b34d1f3f943dd6cf8e424287bfb29ca98fe7d4776cd3a5efeae11ca77833892030ab67a156a1393d6f8d","ssdeep":"","tlshash":"61115b37116982f46357f027a21725daea32029be81b9717721c05cd0fd47b913f96e7","first_seen":"2023-12-05T16:53:58Z","last_seen":"2026-02-03T01:05:39.247335Z","times_seen":1197,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Roboto:300,400,700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:45.970Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 08:41:02 GMT","end":"Mon, 17 Nov 2025 08:41:01 GMT"},"fingerprint":{"sha1":"ED:FC:A5:F2:F4:07:8E:0E:EA:C7:96:D8:BE:47:04:EE:34:72:47:E9","sha256":"42:1D:9B:CD:2D:EC:4C:72:94:02:2C:88:B5:FF:BC:A2:B8:35:1B:C6:E0:B5:97:71:DB:7D:5B:6A:FA:CA:C1:8A"}}},"request":{"raw":"GET /css?family=Roboto:300,400,700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Mon, 15 Sep 2025 02:30:46 GMT\r\ndate: Mon, 15 Sep 2025 02:30:46 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16755,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"a90fc2bf15e304ef3fa4e7f75b6a8608","sha1":"0f8c2853b49a7c206d75af99117482d80a60f869","sha256":"6e10be4b6befecf6f3d1ae34b727939e6da334a1f2d815fd325ba9c455520772","sha512":"0d1a14e11c436dadf51cc489592867eaff3cae2c4a95748d2a25614c984560ad3588fb95e2aaafd4060d4954594951d09e71ab36e9859fb8590198811f156fc4","ssdeep":"384:pwf5wgwPwrwyUw/qY4+w4wYwpwfMw1wWw6wyhw/qY4XwNwtw4wfdwkwDw3wyQw/P:pc70afUQRptmJKBLfhQE8YTYHw+fQQVl","tlshash":"b472ed91041700009b835ce223cebf35fe5f92117141d0b9abfd9b6badcbc6652693ad","first_seen":"2025-09-08T23:24:40.129975Z","last_seen":"2025-11-18T23:33:55.863403Z","times_seen":3582,"resource_available":false,"data":null}},"time_used":200,"timings":{"blocked":75,"dns":0,"connect":14,"send":0,"wait":43,"receive":0,"ssl":64},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/76/82/d6/7682d6bdf02cae1f1545b579943917b0.js","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:42.200Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /76/82/d6/7682d6bdf02cae1f1545b579943917b0.js HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 15 Sep 2025 02:30:42 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 39390\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: fd627576cdc774e6bc74538e86c899b8\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":109662,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"ce2600bf08f8ab8f932aa29763aa7a1b","sha1":"c75112ae1ae96497b9eb253ed5a87bccdc940250","sha256":"060b10cba37b625d649daa021f9d3fe1244e174b0946ea94bd7be3221eaffc3e","sha512":"c0dec61630e15dd9a578b75190089f6d68b89bd039780fd234c65210b03c0b0a5e6e6267ff3022c57c65cdc08a635ff870e0bd252d10d91f87ae21e2aad79792","ssdeep":"1536:WV8IsE162TOup6SJr5qQLHvuiCh+JAxy1m7E7t1u9DHto:WV5suvnbkAmY","tlshash":"f4b3c68c3f7ef02d16b6a037223f6416e15a0d0140dce5ace117dde83a6c79ae57da26","first_seen":"2025-09-15T02:31:11.859046Z","last_seen":"2025-09-15T02:31:11.859046Z","times_seen":1,"resource_available":true,"data":null}},"time_used":827,"timings":{"blocked":300,"dns":30,"connect":96,"send":0,"wait":102,"receive":106,"ssl":188},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:42.211Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Mon, 15 Sep 2025 02:30:42 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 2570\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 4f0720a20e42e805416e7033a9bb7dc1\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5080,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5080), with no line terminators","md5":"a524ecfbd97124fd2e9c3f6ad371ca23","sha1":"a281b89a51cfe367f92816be50eba55ccc0eaee6","sha256":"5549a01f3d1c788c8e44dc8a54e5c9103880b5608d3b44e0a0ea4ebd124dc18f","sha512":"dbfa06ea3faf0b6451668b8634e61e52c71ac098f26b08551cac54344128a205b2378e56953102dda758aa63fab8ed1e22c3a74eda39a154caff8f2b6b3bdee5","ssdeep":"96:WhmlSzNzYF4RWz3qVeBYJ2gzAKAYaR/tCP/KZhWAEGo:SmAz+60BSF81RM3KZoGo","tlshash":"b1a1618e3f81b4ac069270372f3f6e0ef13a5c55195ad4d8d202a0a47f28a39d4b6b55","first_seen":"2025-08-06T23:31:31.906679Z","last_seen":"2025-09-26T10:32:45.122277Z","times_seen":4581,"resource_available":true,"data":null}},"time_used":714,"timings":{"blocked":301,"dns":25,"connect":95,"send":0,"wait":94,"receive":0,"ssl":195},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/pixel/pure","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:43.895Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"POST /pixel/pure HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 73\r\nOrigin: https://ziggo-gratis.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Mon, 15 Sep 2025 02:30:43 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T12:55:49.320816Z","times_seen":13621212,"resource_available":true,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":105,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/ren.gif?sid=H4sIAAAAAAAC_1RSv28cRRSePUeioEAQRBMhXZGCSNx573bvx5IiSkiMIoITJbZcIITm154H7-4sM7u356ssLKGUR0e5_s6ORYhC-AOQ0NkShSUkjgK5iIVET4OUEqE7Gxxe8X7M92b0vW_elzv5CfGQ0-N7H-mhiiK62Kq71XfWVCJ0YavLK9WGW3evVtdU0vavVgczZ_rvNTy_7l6pfiD5hl5sug3XbbiN6pIyMtSDxTkKlT4JGvXArfvNeqPlY2D-X9vcgaUORP-EvAElpq_9EX4MxSdI4mc3pd3IdPrurTiPaKYN-mJ_NdlIdJEgPk9D4yBM9s-6oe2UkK8r0Mn-2QTQ_d3ZBGBqSipvPQdL9s9ogvX3TpmyCDIBE6-i6E8gowkUnYDrbSjxCwG4wPJdJPGjZW0KunmK0hk6JRde_AVVTMmF528iiZ_eiNSg-kBHeaZ0YjEIS6jBBKo3QZofIBtWoIoD8OwLKPEzWXxxB0m8e9dGGkocX2Zu1-Wu7NSoEO2a3xBBLei6oua1u0FTBq2ODLpziVQ4AbULyG0FuaogDx3kqYNYHFd9t-vzBvXaYSB4x_Wp7wvJ3KDbdF0a8A5yPuM-QpaOwKMRuNlCarawoUYw-Y-w6yWscGAzgr4oUUiCwhIUlKBQBEVGUPTLPRHZpi0ficjmrHEWm2fRK8c66-2wPZ31ZFIHNSMYUe6q9HO7DZ4tjIehFWM9c5Rl3y3dur6yev_Wg1rT6wSfNsaUiXInPSGvz1R2cO1vbMjjKuUuDTlrer4XtNodn4cB73b9VrsjW17AAlhVQtkKqHUwVFOyfOkxUjUlV_QhGD2AjQ7A1UXQ_G3QogRdLzFMng1Vr6drPUMzZetcxxC6RJpdQLbp7EQn5NL8rz8pDyH50bXfydzATYnUlPhMHRL0oofj-7ogu_d1Ycn3d9NMxWpIZ3vwIKOZXHj8odwstBG3b9rRN9f5DJilT1akze7QRKikZ8m3N5QQ0ixpwyX54bZdk-xebtdv5CbJ0zv33l-6HadGWqt0MgFVU0J-uwyupuTi05X5jrde-RPKTGDyEnF-RMi_XNMt2PScu9UEJjrHWeqgyMuxabL_DseGhecdkSKI5HlNWQn7Us3kSxfp7Cmqyh37ED3jgGbbSOISfVOiH5Wg0Qg2XxhnqTm69qs3N7DIGbPIOLssMtFXp3pbdVxtNZnX7nbbMmyL0BNe0xNBy5WBT4O2H_gtZHa6_tNw9Z8AAAD__7K5GZ7OBAAA","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:45.623Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RSv28cRRSePUeioEAQRBMhXZGCSNx573bvx5IiSkiMIoITJbZcIITm154H7-4sM7u356ssLKGUR0e5_s6ORYhC-AOQ0NkShSUkjgK5iIVET4OUEqE7Gxxe8X7M92b0vW_elzv5CfGQ0-N7H-mhiiK62Kq71XfWVCJ0YavLK9WGW3evVtdU0vavVgczZ_rvNTy_7l6pfiD5hl5sug3XbbiN6pIyMtSDxTkKlT4JGvXArfvNeqPlY2D-X9vcgaUORP-EvAElpq_9EX4MxSdI4mc3pd3IdPrurTiPaKYN-mJ_NdlIdJEgPk9D4yBM9s-6oe2UkK8r0Mn-2QTQ_d3ZBGBqSipvPQdL9s9ogvX3TpmyCDIBE6-i6E8gowkUnYDrbSjxCwG4wPJdJPGjZW0KunmK0hk6JRde_AVVTMmF528iiZ_eiNSg-kBHeaZ0YjEIS6jBBKo3QZofIBtWoIoD8OwLKPEzWXxxB0m8e9dGGkocX2Zu1-Wu7NSoEO2a3xBBLei6oua1u0FTBq2ODLpziVQ4AbULyG0FuaogDx3kqYNYHFd9t-vzBvXaYSB4x_Wp7wvJ3KDbdF0a8A5yPuM-QpaOwKMRuNlCarawoUYw-Y-w6yWscGAzgr4oUUiCwhIUlKBQBEVGUPTLPRHZpi0ficjmrHEWm2fRK8c66-2wPZ31ZFIHNSMYUe6q9HO7DZ4tjIehFWM9c5Rl3y3dur6yev_Wg1rT6wSfNsaUiXInPSGvz1R2cO1vbMjjKuUuDTlrer4XtNodn4cB73b9VrsjW17AAlhVQtkKqHUwVFOyfOkxUjUlV_QhGD2AjQ7A1UXQ_G3QogRdLzFMng1Vr6drPUMzZetcxxC6RJpdQLbp7EQn5NL8rz8pDyH50bXfydzATYnUlPhMHRL0oofj-7ogu_d1Ycn3d9NMxWpIZ3vwIKOZXHj8odwstBG3b9rRN9f5DJilT1akze7QRKikZ8m3N5QQ0ixpwyX54bZdk-xebtdv5CbJ0zv33l-6HadGWqt0MgFVU0J-uwyupuTi05X5jrde-RPKTGDyEnF-RMi_XNMt2PScu9UEJjrHWeqgyMuxabL_DseGhecdkSKI5HlNWQn7Us3kSxfp7Cmqyh37ED3jgGbbSOISfVOiH5Wg0Qg2XxhnqTm69qs3N7DIGbPIOLssMtFXp3pbdVxtNZnX7nbbMmyL0BNe0xNBy5WBT4O2H_gtZHa6_tNw9Z8AAAD__7K5GZ7OBAAA HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nCookie: uid_id2=b080c0e7-add6-41d9-980d-36892e957e98:3:2; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27410430=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Mon, 15 Sep 2025 02:30:45 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nVary: Origin\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 54d2772c07718250328e3d47ea1b9002\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T12:55:49.320816Z","times_seen":13621212,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/sbar.json?key=ac0afcb234395674cf9c884567e539b9\u0026abtopt=b\u0026abt=FEATURES-2379_1\u0026uuid=b080c0e7-add6-41d9-980d-36892e957e98","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:44.882Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /sbar.json?key=ac0afcb234395674cf9c884567e539b9\u0026abtopt=b\u0026abt=FEATURES-2379_1\u0026uuid=b080c0e7-add6-41d9-980d-36892e957e98 HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://ziggo-gratis.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Mon, 15 Sep 2025 02:30:45 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 4998\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://ziggo-gratis.com\r\nAccess-Control-Allow-Credentials: true\r\nVary: Accept-Encoding\r\nSet-Cookie: uid_id2=b080c0e7-add6-41d9-980d-36892e957e98:3:2; expires=Mon, 22 Sep 2025 02:30:45 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Tue, 16 Sep 2025 02:30:45 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Tue, 16 Sep 2025 02:30:45 GMT; path=/; secure; SameSite=None\npdhtkv29=true; expires=Tue, 16 Sep 2025 02:30:45 GMT; path=/; secure; SameSite=None\nuncs29=1; expires=Tue, 16 Sep 2025 02:30:45 GMT; path=/; secure; SameSite=None\nu_pl27410430=1; expires=Tue, 16 Sep 2025 02:30:45 GMT; path=/; secure; SameSite=None\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 5530af246302330f2e0f575de74056d9\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6421,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JSON text data","md5":"e4db6b892cb14da18445c08ebce06c0d","sha1":"fa7a65b8758010163fcca47157ef285d0acf0daf","sha256":"0d501b97f133e6007b81ee2a902180b145c737ff092008721456f1de46779001","sha512":"be3b5c556acbb71f08dbe2c6e0d32c6f6aa3118b123f840faab9edba7a6e51ba738867367d58ec97587e461f09b436a6059eba673695257759616d93f3a6acd5","ssdeep":"192:9zCc0e9HtqdJt4JZRlZmNL+8iBLoekm+cQG:9zRHtmzKjqNABLoekm+cf","tlshash":"4cd15b7e4accb3d247078a90b5025ebe0802688abd558e8dede7837fb43c92c5f0565d","first_seen":"2025-09-15T02:31:11.86095Z","last_seen":"2025-09-15T02:31:11.86095Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1027,"timings":{"blocked":318,"dns":32,"connect":93,"send":0,"wait":389,"receive":1,"ssl":188},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/64/84/55/648455d14351f082406d919c7ded5911/1756656812.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:44.891Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/64/84/55/648455d14351f082406d919c7ded5911/1756656812.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 15 Sep 2025 02:30:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 53256\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:13:32 GMT\r\netag: \"68b474ac-d008\"\r\nexpires: Wed, 17 Sep 2025 02:30:45 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: ah0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":53256,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:29 16:43:07], progressive, precision 8, 728x90, components 3","md5":"4c5c2570b33199ffda90981fe1da750e","sha1":"2077252b068c40b2ce598235ab01534aaf2bc897","sha256":"9e4a2e335b033d6caf93236c0905e543b644412d53c49e9af23ffcd1d69c9c60","sha512":"02e9518a66b52533ecf3d50064f86074137e37c0b27d2ca2b2ebf8b212cc95812abd3eb36d7f00c9b7c0d1db702f7fd0c7522b69d2920ac031825d04d1c33cb4","ssdeep":"768:2w+h7WEiSw+h7WSEYyNt1GGJD6G4257X0yhGw3qUxdLoxPCCtfm3EXAcg95UVh:2Rh6CRh6SERt1GGJw25Avwf4PtKEXbga","tlshash":"df33d11cfba6de21fde5d2b410a3ca96b3276b04a3b375907c9d694137f06826d8e112","first_seen":"2025-09-02T16:16:24.139468Z","last_seen":"2026-04-10T13:21:10.824402Z","times_seen":665,"resource_available":false,"data":null}},"time_used":270,"timings":{"blocked":124,"dns":1,"connect":21,"send":0,"wait":42,"receive":34,"ssl":45},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ziggo-gratis.com/roja12-9/s18.php","fqdn":"ziggo-gratis.com","domain":"ziggo-gratis.com","tld":"com"},"ip":{"addr":"104.21.64.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-15T02:30:40.434Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ziggo-gratis.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 18 Jul 2025 14:49:53 GMT","end":"Thu, 16 Oct 2025 15:47:08 GMT"},"fingerprint":{"sha1":"B9:95:B4:C1:78:35:44:5E:66:EF:20:BC:C8:58:64:2F:F1:F3:71:69","sha256":"AE:EC:A3:69:91:F9:12:23:B5:B3:8E:D0:60:FA:77:5C:82:7A:E6:E4:04:85:3A:08:9A:DC:80:13:0A:D2:DD:DB"}}},"request":{"raw":"GET /roja12-9/s18.php HTTP/1.1\r\nHost: ziggo-gratis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 15 Sep 2025 02:30:41 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=af9H88vXRsONOadzCf0qNgaD8KGPj95yQvhyYMv89XgVcBgrTPI77mV5KM%2BJ6qdRgLS%2Br1mPTDzU8THZ7wx7sCzL062vfMeQEyztHT0Fp8U%3D\"}]}\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 97f4b417f9e58be6-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2566,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JavaScript source, ASCII text","md5":"1de2024731fef7c3e0c24691f5917833","sha1":"415a57e3efc655ce3b8f57b296a372e0950ddb7f","sha256":"cf4a5aa3237b60672ca313549ae3471ff3fcfd6e4676efb9d7e8839ce6c19594","sha512":"62e4e7a0a23bd5fa2b203261b31ad6bc53e47f08c5408f525f35748ceccc61e683b3bfdf59f7aef84188a300176f3ce71bc0d43d43e9e6d6bcd2870d9aba3c79","ssdeep":"","tlshash":"4551650dfc8bd518486308c890b6d92ce4a4f2559617ccd6a2fcd87ae798fda1c45bcc","first_seen":"2025-09-15T02:31:11.86391Z","last_seen":"2025-09-15T02:31:11.86391Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1136,"timings":{"blocked":197,"dns":1,"connect":1,"send":0,"wait":742,"receive":0,"ssl":193},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"acscdn.com/script/suv5.js","fqdn":"acscdn.com","domain":"acscdn.com","tld":"com"},"ip":{"addr":"104.18.17.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:42.224Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"acscdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 21:39:20 GMT","end":"Sun, 07 Dec 2025 22:39:07 GMT"},"fingerprint":{"sha1":"97:5E:85:70:5C:6F:7D:F5:DB:22:A2:2D:88:C5:E3:69:E8:15:5A:F4","sha256":"AE:9E:71:84:C0:24:A8:E6:55:FE:84:6C:3B:AA:4F:74:9F:76:47:83:B6:3D:D6:4D:0A:0A:74:54:1D:14:B3:EE"}}},"request":{"raw":"GET /script/suv5.js HTTP/1.1\r\nHost: acscdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 15 Sep 2025 02:30:42 GMT\r\ncontent-type: text/javascript\r\ncontent-encoding: gzip\r\nx-guploader-uploadid: ABgVH8-9c4pjta0Y-8RNJduhwu8SsqGu1HECSebUbnHzJiiyFvVWMsCxsSPtzwdr45PAPUNV\r\nx-goog-generation: 1757575972251993\r\nx-goog-metageneration: 2\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 96855\r\nx-goog-hash: crc32c=5NFa/Q==, md5=MnHxWy+gPL/oBNiRpNG+pA==\r\nx-goog-storage-class: MULTI_REGIONAL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nexpires: Mon, 15 Sep 2025 03:30:42 GMT\r\ncache-control: public, max-age=3600\r\nlast-modified: Thu, 11 Sep 2025 07:32:52 GMT\r\netag: W/\"3271f15b2fa03cbfe804d891a4d1bea4\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 2622\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 97f4b421d899b509-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":96855,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65493), with no line terminators","md5":"3271f15b2fa03cbfe804d891a4d1bea4","sha1":"ba0ebf448794037fa0cdc3f7d3a103e61894493e","sha256":"ec4add2cef8de7dcf48c93f7f83ecec842fee54b4e1ae3ae8ba67b1da1edfba8","sha512":"d6dfb9c2252f4a7dc3681f19e9c36ae5759a4ef08283d47493adc7f85bf76a092cc557a2a18cb13ac7af57626c4f9551833c53fd8ecddd86addc866cfac78b2a","ssdeep":"1536:LOFHKIV5GuKbOPNXN6ibR+6ry6j/IYOHSD/u/NNU48WQJFW4gkzwi/OsWVhL/Tyw:LYqmzIOVg6W6jUHSDm/NWu4hzihp","tlshash":"e293c649bad2f0e86be365e4842f5646e1772a24740d98d5fab6c5c19839ecf4033e3c","first_seen":"2025-09-11T10:47:57.233286Z","last_seen":"2025-10-21T05:38:50.883718Z","times_seen":518,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aie2jr5kc3.amazonaws.com/hls/480p/segment_1643.ts?token=atmfeg0yaw\u0026ts=1757903443324","fqdn":"aie2jr5kc3.amazonaws.com","domain":"aie2jr5kc3.amazonaws.com","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://jxoxkplay.xyz/premiumtv/bizz-streams2u.php?id=18","date":"2025-09-15T02:30:43.369Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /hls/480p/segment_1643.ts?token=atmfeg0yaw\u0026ts=1757903443324 HTTP/1.1\r\nHost: aie2jr5kc3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://jxoxkplay.xyz/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T12:55:49.320816Z","times_seen":13621212,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-15","alert":"Sinkholed","trigger":"aie2jr5kc3.amazonaws.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=b080c0e7-add6-41d9-980d-36892e957e98\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=1ff09b7e889907be3339c33a3eb5f1f1\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=2","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:45.022Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 21:53:17 GMT","end":"Fri, 28 Nov 2025 21:53:16 GMT"},"fingerprint":{"sha1":"AA:2A:FC:C2:EE:01:8F:55:3F:19:46:84:4A:C8:A0:95:62:50:5C:A3","sha256":"3D:8C:1A:2E:1F:32:30:D4:D8:4F:D2:FB:CC:99:F1:9C:05:E5:7B:D8:9D:7D:24:86:AD:C5:1E:62:55:44:A4:CA"}}},"request":{"raw":"GET /pxf.gif?uuid=b080c0e7-add6-41d9-980d-36892e957e98\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=1ff09b7e889907be3339c33a3eb5f1f1\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=2 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 15 Sep 2025 02:30:45 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 894ecfe023cf43d03c6ba24e39a8e3a3\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T12:55:49.320816Z","times_seen":13621212,"resource_available":true,"data":null}},"time_used":724,"timings":{"blocked":308,"dns":0,"connect":104,"send":0,"wait":108,"receive":0,"ssl":200},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/si/ff/f8/82/fff882b016ff0a2e1dcee2dee24dac1092b1681e7bbb3b0c804d677a98dd73bb.png","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:45.973Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /si/ff/f8/82/fff882b016ff0a2e1dcee2dee24dac1092b1681e7bbb3b0c804d677a98dd73bb.png HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 15 Sep 2025 02:30:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 14723\r\nserver: nginx/1.21.6\r\nlast-modified: Mon, 05 May 2025 01:41:17 GMT\r\netag: \"6818173d-3983\"\r\nexpires: Wed, 17 Sep 2025 02:30:45 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: ah0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14723,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3","md5":"50cab549bb005f4baa96fc5af4c228b0","sha1":"88bd4023f288e97522b66899f9247e38b5ab92de","sha256":"fcb0f0540ee9976797cb87cda6d0f1337e79844ae945ff4b15761b08665ff52b","sha512":"ab0de095bad8fedb042368f9236d246097c0ca93e76c8d3502f6baa769a3289ed139e791af936f4f2afa7622937281392d5c0d8054c1ab91e100031c06fea55e","ssdeep":"384:9w71SqxDBUC+8qNnYVQKNx0LmFC2yv3pnBXL:C7fxBUCYYB0rFvbb","tlshash":"5762c06fa3552329c4a807781ce435b8f360dc4fd6ba1b6534745de2549fe8af2d8142","first_seen":"2025-09-14T18:19:09.555553Z","last_seen":"2025-09-21T10:00:02.913872Z","times_seen":39,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sootoarathus.net/web/files/728x90/8.png","fqdn":"sootoarathus.net","domain":"sootoarathus.net","tld":"net"},"ip":{"addr":"104.21.93.150","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:41.786Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sootoarathus.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 Aug 2025 04:22:53 GMT","end":"Fri, 28 Nov 2025 05:19:46 GMT"},"fingerprint":{"sha1":"25:85:9E:54:1F:4E:FF:0A:E7:8B:A6:AC:2A:8C:F9:5D:38:B6:39:9F","sha256":"11:FA:6B:9B:74:B9:E6:E1:5B:C7:8A:C4:25:17:1C:76:E5:67:DA:8D:B4:6E:97:FC:2E:5D:D6:8A:F7:0B:82:0A"}}},"request":{"raw":"GET /web/files/728x90/8.png HTTP/1.1\r\nHost: sootoarathus.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 15 Sep 2025 02:30:41 GMT\r\ncontent-type: image/png\r\ncontent-length: 83804\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Tue, 30 Apr 2024 12:16:06 GMT\r\netag: \"ce2817436f8d8c0c26164324f9837293\"\r\nexpires: Mon, 15 Sep 2025 18:13:51 GMT\r\ncache-control: max-age=86400\r\ntiming-allow-origin: *\r\nage: 29810\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7gBpKbIfvul44jRtpBLfw%2FBZhg1RQaR0YE4R9lY39b5GsZiylYMyx%2BabdSVWY4zqstXYpQiB9mjrwqNY9xjazAJW7r4gL6jcu336RitHqWE%3D\"}]}\r\ncf-ray: 97f4b41f6964120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":83804,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced","md5":"ce2817436f8d8c0c26164324f9837293","sha1":"ecae88285f3b11e0cf73d1bd92ecc1c043cc6b6f","sha256":"49ad4cd02783da5c9520ef7871ced5acd61b249b5b2d54c8f5396e732eaeb379","sha512":"380a850c2cbd4bb3b2342d1e1adf35da140e0384175587ffb6665786a4f2998651a0084522557a31e26be34d34efa63db0c621c679d5f31825403729bd7f6542","ssdeep":"1536:vus065QX+VjanvEBk5ZS1HnLPlXzNrcm/6SldQmM9s12egOK1ivfU:vunWQ+poX5ULXrz/DUsQOKx","tlshash":"d68302d929aa888eb51317396b1c8431ec62d5747172ee4b1ccf0f149aa7cf0d7570ae","first_seen":"2024-05-17T06:50:55Z","last_seen":"2026-03-18T19:58:16.808369Z","times_seen":73,"resource_available":false,"data":null}},"time_used":84,"timings":{"blocked":34,"dns":9,"connect":5,"send":0,"wait":9,"receive":7,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"18.197.252.180","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:42.195Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://ziggo-gratis.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 15 Sep 2025 02:30:42 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://ziggo-gratis.com\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=288fc4f6-bc40-4306-87b8-9a3d7cbff99e:2:1; expires=Thu, 13 Sep 2035 02:30:42 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"e57d0d9b42029338af4f49e888748a8b","sha1":"ec51607a06e1daa7a59a6b6da516acd812fb082d","sha256":"3d2b39314a4817a025b56c3677f8c20e265ca257ab856788015f0d2e06f5e27f","sha512":"d91fc154bb9120960f2e5ca2308de5773f7d24d96e9265e35a785b7f0a2635ffd1fbe247996e828e26e2718acafc35a208aa95f78424917c2841aaf54bc06c6b","ssdeep":"","tlshash":"9a90044d057d344711dc030335100dcf4c7114114d4f0d35455cc4c51d107011d17400","first_seen":"2025-09-15T02:31:11.870768Z","last_seen":"2025-09-15T02:31:11.870768Z","times_seen":1,"resource_available":false,"data":null}},"time_used":260,"timings":{"blocked":150,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":88},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ia.hackingskye.com/ryVBn0ITJKVv/69521","fqdn":"ia.hackingskye.com","domain":"hackingskye.com","tld":"com"},"ip":{"addr":"23.109.170.127","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ziggogratis.shop/embed/stream-18.php","date":"2025-09-15T02:30:42.799Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ia.hackingskye.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 Aug 2025 08:48:00 GMT","end":"Sun, 23 Nov 2025 08:47:59 GMT"},"fingerprint":{"sha1":"3A:F9:42:D0:FD:36:A8:86:0A:38:F5:F4:88:57:F8:C1:24:C4:22:85","sha256":"9B:EB:28:40:CC:29:7C:FC:78:1C:AD:48:21:DF:8A:91:E9:26:25:F6:33:C4:3E:71:9A:22:17:BD:32:C7:8F:8A"}}},"request":{"raw":"GET /ryVBn0ITJKVv/69521 HTTP/1.1\r\nHost: ia.hackingskye.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggogratis.shop/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 15 Sep 2025 02:30:43 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://ziggogratis.shop\r\naccess-control-allow-headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires\r\naccess-control-max-age: 600\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nset-cookie: GL_UI4=eJw9zV1OhDAcBHC%2BWdcFnYQDeASKQHj1xSv4SAr9g3Wh3ZQKensbE32bTH6T8TwvKB7g78kZ4Sdv8MRY13Z1U3VlPXa8GoaubZtyaLqSVc00NbiTW2%2F5sJCNcNpWbmxv9wiXmRQZOfajFpTh0am%2F5qr0oSLEg%2BFKZIhXJ5YM6WD0sZEpQkSKr4T0VRqa9JcT%2FEMbhOy5dlkql%2F0Sgd6KMD8jfZNKuGV%2BQcDKPE883N8Wbidt1l6KxEc8Gy4I%2FgtOI7c0a%2FONVNB2tfoG6EX0%2F%2F73ODxYiUTQLkdCrO07mR%2B4dk3m; expires=Tue, 16-Sep-2025 02:30:43 GMT; Max-Age=86400; path=/; secure; SameSite=None\nGL_GI10=eJwVyM0KgkAUhuE5hxiIJPjA9l6BadnCbbYMXXgFZhEDwxyZGfu5%2B2zxLp5XKcVpAjYTkrrM6yKvDnl5qkBPcNuBRwfdin8PX5AHF0ewd9h0wUrWyOzi8kes%2FgYZbM%2FWfLJe7ByNuABeWjfDzT72l%2F4KmjSBo2gGh3uqQC%2B9%2BwFe7x3U; expires=Tue, 16-Sep-2025 02:30:43 GMT; Max-Age=86400; path=/; secure; SameSite=None\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"848667c49f5d3aef59cd65ed276cd7ae","sha1":"bd12c0ca2dfaa249586f1b9b8d48b02a1b9e3763","sha256":"cc5a5851251dd8052292557ba0231c51363ff1474f60b7a4af3be144cb1327c8","sha512":"4248ad0e684224ba8503b1e73517aae6ffe4431cd16b7633d2ccbf4b96f845e318dbee175d19cd4676ca37353f53add2231ed167ad6c4aa0d9fe185f7359238c","ssdeep":"","tlshash":"f23000000000000000cc00000000000000000000c000000000000000000000003c0000","first_seen":"2025-04-24T10:17:49.831301Z","last_seen":"2026-04-11T13:01:57.333966Z","times_seen":15285,"resource_available":true,"data":null}},"time_used":455,"timings":{"blocked":216,"dns":173,"connect":18,"send":0,"wait":22,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/impr.gif?sid=H4sIAAAAAAAC_1RTvY8cxRPtOfv3CyBAYETiZAMCjLi97pmeLxwgjDGyMGfLNnKACPpzr7nZ6aF7Zue8kYURsog2QhAgzdWefcJYyCRkILRnicASEkvCBb6EvwAhOUZ7XnGmgqp6_apbr1pVn203ByiChu1fes-OTVGwtbiPe69cM6W0re-tX-0R3Mene9dMmdDTva2Fc6PXSUT7-FTvHSU27VqICcYEk94545S2W2uHLJjqXk76Oe7TsE9iClvuv9g3AXgWgBwdoBfAyPlzf-oPwIgZlMP7Z5XfrG312tvDpmC1dTCSu--Xm6VtSxgepdoFoMvdZTVYP0foyxWw5e6yA7CjnUUHwM0crbz0CHi5u5QJfHT7iVJegCqBy2ehHc1AFXtg2AyEvQlG_oYAhIT1i1AO76xb17LrT1i2YOfo-OO_wbRzdPzRi1AOvztTmK3eFVs0tbGlhy3dgdmagRnMoGr2oB6vgGn3QNSfgJG_orXHF6Ac7lz0hQUj919WMomwSvWqJiRepRTT1TzlbJUmRIZRKIjI6eEXGT0D5o9B4wNoTACNDqCpAhjK_R7FGRWERYnOpUgxZZRKxXGehRizXKTQiIX2CdTVBEQxAeFuQOVuwKaZgGt-Br-x_4PWOk8oUSGOBUt5nqk0TxKNNZM0SXRGsjAUhOY65WnKUsVwFOEslVzlWZyEiYp1nOkkFgzLCDNOOA7jLGKchzTNCFUylDjOYk0zEeokVpnSOWehFBHRsQxlmiQRzmLNI4aThOMMp1znVKcJTQQhuZJRyiWhmEUkD3OaKRKm4GUAvkYwkh20CkHrEbQMQWsQtDWCdtTdloUPfXdHFr7hZBnDZYy6qa0H2-y2rQeqRMDcBJzsdkz1sb8Joj42HWsvp3bhGK-7KeOy264O0POLaQi-_nQAm2q_FzGlYpyLUGQi4zgUMaY604ToRCR5SMCbDoxfAeYDGJs5Wj95FyozR6fsA-BsD3yxB8KcANb8D1g7jTAGtjENYwzj8v7YDAZ2deBYbXxf2CFI20FVH4f6erBdHKCTh5P54R8jUOIhWhoI10HlOvjIPEAwKG5NL9sW7Vy2rUffX6xqMzRjtpjaKzWr1f_vvquut9bJ82f95Js3xYJYpPeuKl9fYKU05cCjb88YKZU7Z51Q6Mfz_prilxq_caZxZVNduPTWufPDyinvjS1nwMwcPfPX5yDMHJ346avDjYxf_QKMm4FrOhg2T2mtboCvjrC3CFxxhHmFoG26qQv5v4dTx_VRRWEQFOoIM96Bfwpz9dRFtniKmW7b34KBC4DVN6EcdjByHYyKDlgxAd8cm9aVe_jG79GhAS-CKS8c2uGFW_Bmv6cjFQqMszQhUaYViagUOs5oLpPFfiio_Xzjl_GVfwIAAP__2dJZt3cFAAA=","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:44.950Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTvY8cxRPtOfv3CyBAYETiZAMCjLi97pmeLxwgjDGyMGfLNnKACPpzr7nZ6aF7Zue8kYURsog2QhAgzdWefcJYyCRkILRnicASEkvCBb6EvwAhOUZ7XnGmgqp6_apbr1pVn203ByiChu1fes-OTVGwtbiPe69cM6W0re-tX-0R3Mene9dMmdDTva2Fc6PXSUT7-FTvHSU27VqICcYEk94545S2W2uHLJjqXk76Oe7TsE9iClvuv9g3AXgWgBwdoBfAyPlzf-oPwIgZlMP7Z5XfrG312tvDpmC1dTCSu--Xm6VtSxgepdoFoMvdZTVYP0foyxWw5e6yA7CjnUUHwM0crbz0CHi5u5QJfHT7iVJegCqBy2ehHc1AFXtg2AyEvQlG_oYAhIT1i1AO76xb17LrT1i2YOfo-OO_wbRzdPzRi1AOvztTmK3eFVs0tbGlhy3dgdmagRnMoGr2oB6vgGn3QNSfgJG_orXHF6Ac7lz0hQUj919WMomwSvWqJiRepRTT1TzlbJUmRIZRKIjI6eEXGT0D5o9B4wNoTACNDqCpAhjK_R7FGRWERYnOpUgxZZRKxXGehRizXKTQiIX2CdTVBEQxAeFuQOVuwKaZgGt-Br-x_4PWOk8oUSGOBUt5nqk0TxKNNZM0SXRGsjAUhOY65WnKUsVwFOEslVzlWZyEiYp1nOkkFgzLCDNOOA7jLGKchzTNCFUylDjOYk0zEeokVpnSOWehFBHRsQxlmiQRzmLNI4aThOMMp1znVKcJTQQhuZJRyiWhmEUkD3OaKRKm4GUAvkYwkh20CkHrEbQMQWsQtDWCdtTdloUPfXdHFr7hZBnDZYy6qa0H2-y2rQeqRMDcBJzsdkz1sb8Joj42HWsvp3bhGK-7KeOy264O0POLaQi-_nQAm2q_FzGlYpyLUGQi4zgUMaY604ToRCR5SMCbDoxfAeYDGJs5Wj95FyozR6fsA-BsD3yxB8KcANb8D1g7jTAGtjENYwzj8v7YDAZ2deBYbXxf2CFI20FVH4f6erBdHKCTh5P54R8jUOIhWhoI10HlOvjIPEAwKG5NL9sW7Vy2rUffX6xqMzRjtpjaKzWr1f_vvquut9bJ82f95Js3xYJYpPeuKl9fYKU05cCjb88YKZU7Z51Q6Mfz_prilxq_caZxZVNduPTWufPDyinvjS1nwMwcPfPX5yDMHJ346avDjYxf_QKMm4FrOhg2T2mtboCvjrC3CFxxhHmFoG26qQv5v4dTx_VRRWEQFOoIM96Bfwpz9dRFtniKmW7b34KBC4DVN6EcdjByHYyKDlgxAd8cm9aVe_jG79GhAS-CKS8c2uGFW_Bmv6cjFQqMszQhUaYViagUOs5oLpPFfiio_Xzjl_GVfwIAAP__2dJZt3cFAAA= HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNzEwMDI2MywiayI6IjNhZWU1MDljMmM4YzhiMDJjNTA0ZjhmMTFmNmM2OTIxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo1MTE4ODkwLCJwaWQiOjI3MTU1ODgsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTksImFpZCI6NSwicHQiOjQsInBrIjoibTI4cjdhazd3IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3ppZ2dvLWdyYXRpcy5jb20vcm9qYTEyLTkvczE4LnBocCIsImFyIjpbXX19.5HDoNKHczEYcbMDCLRJPiHKja4Qk2qnmH5ecKRkMJ_8; uid_id2=ed630e7f-f115-4404-97ba-461d232c1c94:3:1; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1; u_pl27100263=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Mon, 15 Sep 2025 02:30:45 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 7abd6e6087020efb8f077a7aaed3548d\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T12:55:49.320816Z","times_seen":13621212,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":97,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/center_banner/2/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.112.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:45.974Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/interstitial/center_banner/2/js/jquery.min.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 15 Sep 2025 02:30:45 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nGSwCJDC1vK74e5Qdt%2Bb%2F%2FMCZkTMWgC10a69JzlCNFkbwkRo4IyFh93M6QCEi9pEA8XMoXqusZN6AWW2hS4lJR0WJ0lfQK8DjYfcepf9bgc%3D\"}]}\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 1460905\r\ncf-cache-status: HIT\r\netag: W/\"65aa8501-149a0\"\r\ncf-ray: 97f4b4394a6f0731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":84384,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32025), with CRLF line terminators","md5":"6326c600df01e3bfb9b40e1aa08176f8","sha1":"6b4fb754d29b297b539bf62ba9b4eaf0f33f314a","sha256":"df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3","sha512":"641aaeecb9b89bcc319cabfef18f76faa9b1ba79f9de30c6d07f22d385fc78ac3f11a718fe9ec96f8a13d82e3dff4ca34944ccb449a4ef8e378ad65dfad581c0","ssdeep":"1536:oP10iSi65U/dXXeyhzeBuG+HYE0mdDuJO1z6Oy4sh3J1x72BjmN7TwpDKba98Hri:f+41hJiz6fhdlTqya98Hri","tlshash":"eb83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","first_seen":"2023-03-07T01:10:11Z","last_seen":"2026-04-11T12:58:00.203848Z","times_seen":10666,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bb2r.com/apu.php?zoneid=9590480\u0026var=9590470","fqdn":"bb2r.com","domain":"bb2r.com","tld":"com"},"ip":{"addr":"104.18.41.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:42.049Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bb2r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Sep 2025 22:55:22 GMT","end":"Wed, 03 Dec 2025 23:55:16 GMT"},"fingerprint":{"sha1":"1E:29:CA:C1:CD:A1:69:2B:B7:B8:02:B9:52:07:8A:3A:C2:34:CB:A6","sha256":"64:0C:C9:A2:46:B5:A1:1D:3C:81:80:5D:B4:5A:4A:CE:0C:A4:2D:17:29:2E:A2:6A:71:64:D9:9D:C5:BE:22:DC"}}},"request":{"raw":"GET /apu.php?zoneid=9590480\u0026var=9590470 HTTP/1.1\r\nHost: bb2r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 15 Sep 2025 02:30:42 GMT\r\ncontent-type: application/javascript\r\ncf-ray: 97f4b4210c22712d-OSL\r\nx-trace-id: f2c4cce25cfb46861e46ee1ceaed6566\r\nlink: \u003chttps://my.rtmark.net\u003e; rel=\"preconnect dns-prefetch\"\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *, *\r\npragma: no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\nset-cookie: OAID=00824571f65c4b56e88ae6d1dda41223; expires=Tue, 15 Sep 2026 02:30:42 GMT; path=/; secure; SameSite=None\noaidts=1757903442; expires=Tue, 15 Sep 2026 02:30:42 GMT; path=/; secure; SameSite=None\nsyncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: gzip\r\nvary: accept-encoding\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":114823,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"10614e7662c913d7aa31239e8f595686","sha1":"d995375d17299e4a58ba4e2eafe3ad60a16cd280","sha256":"192794c1aa59cefea746c044903255eadcf26d46c4aa3ffcb939a3e4e613c9a5","sha512":"c293cca2f7de43cf80ed4edaeaea809910ebe8a18973304fe5f54d5c4c444a498e5c248eae7a80e29aea0533de61919435df5e38b402b6996f370fafc16ad109","ssdeep":"1536:LOtQiEOxh8M3MCBCskobqUy3LghGVHtg7aC7n6wTEjtwO2E/:LOtX93Mf3UAQbaC76GEBwO2E/","tlshash":"b6b30b98625334716d7a9139385fc44caeeaef80148e89e4d4d9ac732653071d3bbfe8","first_seen":"2025-09-15T02:31:11.875079Z","last_seen":"2025-09-15T02:31:11.875079Z","times_seen":1,"resource_available":true,"data":null}},"time_used":120,"timings":{"blocked":39,"dns":12,"connect":1,"send":0,"wait":40,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bb2r.com/wrr?z=9590480\u0026p_rid=7cbc7a61-956d-4d6b-ad75-4547595ae2f5\u0026rb=C3JVw0Iv2hj50UcfSoxzSGvTiYZwsPONtqzX7ctJeax_6umocl5NRUC8h4ZUXTWzya2VhYezJEs3cPK697zMflRcUuT9Ec6Wvb5RWGyBQFrP9vTF5Hv-2PX9jxpQTTNX2VxCP3YghQLV6xsbGOyB8WGpsHAUmQE2Cq1HqeVcfu2EJyFjTCXtUfhMD_JesJD35xengwAFDTo8Je41pnYAAjrwFHB8Wf0AbKU-XS9gBIytR6Sr8UPqQslLhKmAxlWohigiArBycMzFnA1OfnZHlQ==\u0026dmn=bb2r.com\u0026userId=0082456a8c1a49ffef7a8ad5c182f3f2","fqdn":"bb2r.com","domain":"bb2r.com","tld":"com"},"ip":{"addr":"104.18.41.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:44.060Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bb2r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Sep 2025 22:55:22 GMT","end":"Wed, 03 Dec 2025 23:55:16 GMT"},"fingerprint":{"sha1":"1E:29:CA:C1:CD:A1:69:2B:B7:B8:02:B9:52:07:8A:3A:C2:34:CB:A6","sha256":"64:0C:C9:A2:46:B5:A1:1D:3C:81:80:5D:B4:5A:4A:CE:0C:A4:2D:17:29:2E:A2:6A:71:64:D9:9D:C5:BE:22:DC"}}},"request":{"raw":"POST /wrr?z=9590480\u0026p_rid=7cbc7a61-956d-4d6b-ad75-4547595ae2f5\u0026rb=C3JVw0Iv2hj50UcfSoxzSGvTiYZwsPONtqzX7ctJeax_6umocl5NRUC8h4ZUXTWzya2VhYezJEs3cPK697zMflRcUuT9Ec6Wvb5RWGyBQFrP9vTF5Hv-2PX9jxpQTTNX2VxCP3YghQLV6xsbGOyB8WGpsHAUmQE2Cq1HqeVcfu2EJyFjTCXtUfhMD_JesJD35xengwAFDTo8Je41pnYAAjrwFHB8Wf0AbKU-XS9gBIytR6Sr8UPqQslLhKmAxlWohigiArBycMzFnA1OfnZHlQ==\u0026dmn=bb2r.com\u0026userId=0082456a8c1a49ffef7a8ad5c182f3f2 HTTP/1.1\r\nHost: bb2r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ziggo-gratis.com/\r\ncontent-type: application/json\r\nContent-Length: 2530\r\nOrigin: https://ziggo-gratis.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 204 No Content\r\ndate: Mon, 15 Sep 2025 02:30:44 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncf-ray: 97f4b42d6f178deb-OSL\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: https://ziggo-gratis.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *, *\r\npragma: no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T12:55:49.320816Z","times_seen":13621212,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bb2r.com/wrr?z=9590485\u0026p_rid=45064c44-03e2-4d71-b8f5-041a56bcb06e\u0026rb=4clB-2ryDj44bZgU7Wc3yX4PT3sgRAuwhAB5WOcIJXTrpRyVMUWFckJPHcN5B_Voa0wYao9ySen_gn6HMNP3meCeRIkqcApXe9AXW_VK2ZPqmRDyEk7tc7K_nD_UtKJZhJ6rkl5yL2m1GuKfx1uNIV40f2Xq-Vz_ie3i0RDeDGJvAtoqa6_tDMvj8T1Te4j4c56YcBguZg_QO_0gHHO0281dx9YXLWjceicGvVds8rO99fuSd9voP7ORBNkTUEPuc4nk_NCSz0VyFN0cDFznIw==\u0026dmn=bb2r.com\u0026userId=0082456a8c1a49ffef7a8ad5c182f3f2","fqdn":"bb2r.com","domain":"bb2r.com","tld":"com"},"ip":{"addr":"104.18.41.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:45.355Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bb2r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Sep 2025 22:55:22 GMT","end":"Wed, 03 Dec 2025 23:55:16 GMT"},"fingerprint":{"sha1":"1E:29:CA:C1:CD:A1:69:2B:B7:B8:02:B9:52:07:8A:3A:C2:34:CB:A6","sha256":"64:0C:C9:A2:46:B5:A1:1D:3C:81:80:5D:B4:5A:4A:CE:0C:A4:2D:17:29:2E:A2:6A:71:64:D9:9D:C5:BE:22:DC"}}},"request":{"raw":"POST /wrr?z=9590485\u0026p_rid=45064c44-03e2-4d71-b8f5-041a56bcb06e\u0026rb=4clB-2ryDj44bZgU7Wc3yX4PT3sgRAuwhAB5WOcIJXTrpRyVMUWFckJPHcN5B_Voa0wYao9ySen_gn6HMNP3meCeRIkqcApXe9AXW_VK2ZPqmRDyEk7tc7K_nD_UtKJZhJ6rkl5yL2m1GuKfx1uNIV40f2Xq-Vz_ie3i0RDeDGJvAtoqa6_tDMvj8T1Te4j4c56YcBguZg_QO_0gHHO0281dx9YXLWjceicGvVds8rO99fuSd9voP7ORBNkTUEPuc4nk_NCSz0VyFN0cDFznIw==\u0026dmn=bb2r.com\u0026userId=0082456a8c1a49ffef7a8ad5c182f3f2 HTTP/1.1\r\nHost: bb2r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ziggo-gratis.com/\r\ncontent-type: application/json\r\nContent-Length: 2535\r\nOrigin: https://ziggo-gratis.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 204 No Content\r\ndate: Mon, 15 Sep 2025 02:30:45 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncf-ray: 97f4b4357b318deb-OSL\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: https://ziggo-gratis.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *, *\r\npragma: no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T12:55:49.320816Z","times_seen":13621212,"resource_available":true,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2Fbb%2F09%2F20%2Fbb0920e920b04fdebd2119739150c93c%2F1698574651.html\u0026l=1777\u0026fd=183","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:45.831Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2Fbb%2F09%2F20%2Fbb0920e920b04fdebd2119739150c93c%2F1698574651.html\u0026l=1777\u0026fd=183 HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nCookie: uid_id2=b080c0e7-add6-41d9-980d-36892e957e98:3:2; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27410430=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Mon, 15 Sep 2025 02:30:45 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T12:55:49.320816Z","times_seen":13621212,"resource_available":true,"data":null}},"time_used":110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":110,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/center_banner/2/css/animate.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.112.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ziggo-gratis.com/roja12-9/s18.php","date":"2025-09-15T02:30:45.840Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/interstitial/center_banner/2/css/animate.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://ziggo-gratis.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggo-gratis.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 15 Sep 2025 02:30:45 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"65aa8501-13365\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\nage: 216784\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4k7tgqX7viXlhu8VslZHanrwhu65pxVUPKcIVE%2Bsa4dKg7V4kKvo1LGp8k2WTPPgSYsHzQ%2FF1CkTlNrYfXpSnNGN%2F%2F09g%2BvVD3hhSoLzKmM%3D\"}]}\r\ncf-ray: 97f4b438cc1a8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":78693,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"5982c5377696d20476871062646b253f","sha1":"8bf2c93fa9ccc908f7df0fb7abb911bbac3e4242","sha256":"4e23a6449e6ef4614f0107cecf5c9eda75d2041c7c71f4a55d45f2a7e75450f4","sha512":"92592dac2a817293e8ec1d94bf99df639626a90d524420b01a12210398927c0650cc26fa8e730300096b29961563aa02efb707478c6d51ac8616bb1bde5a0cb2","ssdeep":"384:jvuAuF81dghu3uFlZlX/m/Gu7uNUtrL4VrbZJgBhLYNKwZiMUL6Vpaj7F:jvuAu21dghu3uhu7uNKwZiMUL6Vpaj7F","tlshash":"1d731bad399115845263861d83df9e68273ce5731826acef73c2488bcf8bf9867c9147","first_seen":"2024-02-12T20:28:38Z","last_seen":"2026-04-11T12:30:59.809316Z","times_seen":6421,"resource_available":false,"data":null}},"time_used":108,"timings":{"blocked":41,"dns":12,"connect":12,"send":0,"wait":22,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jxoxkplay.xyz/premiumtv/bizz-streams2u.php?id=18","fqdn":"jxoxkplay.xyz","domain":"jxoxkplay.xyz","tld":"xyz"},"ip":{"addr":"104.21.6.120","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://ziggogratis.shop/embed/stream-18.php","date":"2025-09-15T02:30:42.820Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jxoxkplay.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 11 Aug 2025 18:24:49 GMT","end":"Sun, 09 Nov 2025 19:21:25 GMT"},"fingerprint":{"sha1":"F9:C9:6D:AE:27:E4:51:15:EB:CE:17:8D:87:A8:7A:36:1C:46:F3:42","sha256":"90:CC:17:79:CA:44:5D:24:3F:E9:35:D2:27:2D:DE:C4:40:75:68:37:45:8C:A8:06:D7:48:D4:2D:1E:ED:0E:2E"}}},"request":{"raw":"GET /premiumtv/bizz-streams2u.php?id=18 HTTP/1.1\r\nHost: jxoxkplay.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziggogratis.shop/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 15 Sep 2025 02:30:43 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-cache: BYPASS\r\nvideocdnx: NO\r\nnode: PHP\r\ncache-control: public, max-age=30, immutable, no-transform\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gHwu4%2B4kjdPMkzQXgLLpUCDuVSlGx%2FiLGnTf4fnGta2nh3pcNo26nTaPFGWAP%2BVtQBOo8Oln0Az0FrelOCQ5UHqY75X%2Fdllrzwt5Spk%3D\"}]}\r\ncf-ray: 97f4b42618d81a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":49393,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (28192), with CRLF line terminators","md5":"238f57b09036cd493d4092b216f9333a","sha1":"d5e6724bb2c92bedc62f84b998c6014900d6a138","sha256":"1ab1a25a515cc259ffcbe7fd5f9970d67914e50c91282664e81f58492fcdcb23","sha512":"575c173fd208b0fe78caa0afa39745e5574cf585a51043ad4476673a08e17d0877dab51a9861aaa344a7479b70b162cb87d097e2f15e59e686d5355789ef4bc0","ssdeep":"768:e7p94FhK72GZQ80GaIoQPzahq/AMOB4P1UiULcuYlKi/IC0zHhoRga/ppN34Dy6H:Up9yM72HGI7MOeKif9b/ppN34+hvj8","tlshash":"54231796354ab8154376626114bf2885e1ac4482358f8a38f75cf9263ffb634c4e7ef8","first_seen":"2025-09-15T02:31:11.878507Z","last_seen":"2025-09-15T02:31:11.878507Z","times_seen":1,"resource_available":false,"data":null}},"time_used":324,"timings":{"blocked":75,"dns":55,"connect":3,"send":0,"wait":171,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}